e352452881d3a727d1f928680b535f5526e136c6de4962e07bfa93530156d9f4

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-10-2024 01:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2860fd93a2cc87bb5c7daf2e275547fe_JaffaCakes118.exe
Size

143KB
MD5

2860fd93a2cc87bb5c7daf2e275547fe
SHA1

ddbbddadbdcb8bc52620e03b7cf91460c6141fed
SHA256

e352452881d3a727d1f928680b535f5526e136c6de4962e07bfa93530156d9f4
SHA512

5b3b59ac0817304010b312784666350cc31e5c784a3e9b7fe74d693b70446c50d5cfa3281d65041cb8cda7ec3b38a0e839a2e0e24781957a70314cde00572cd9
SSDEEP

3072:b/GpRWFXunrIeu8mNLIdt+yee+bxD86HN2FhF:bObWtsdudIiL7HNA7

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	2860fd93a2cc87bb5c7daf2e275547fe_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2860fd93a2cc87bb5c7daf2e275547fe_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2860fd93a2cc87bb5c7daf2e275547fe_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads