77f1726c08d94f0a220ceb5c0735c03c8424c1a1876137cdbdbf29362311af66

Analysis

max time kernel
140s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/10/2024, 09:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2e7b91069d8968b095242e82a8c43c66_JaffaCakes118.exe
Size

352KB
MD5

2e7b91069d8968b095242e82a8c43c66
SHA1

90a86f5615fcfdf37f3542db00a943f2a0bee116
SHA256

77f1726c08d94f0a220ceb5c0735c03c8424c1a1876137cdbdbf29362311af66
SHA512

70d6a6d3380a4b40fb0a6c4865bcb38b1faa776bb74322e6b47893720fae5815a397e917d6f40210517f3761960a1eba603566c6477da3f08b581018ff54bd6d
SSDEEP

6144:BAeIifU8j6Hd4L9UMlqcDONoIkUTZ5oZGdzVEkQ+lrRBlWym7D:BRFj6Hd4LSMlqPNoIkCo4EkQilyD

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	2e7b91069d8968b095242e82a8c43c66_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2e7b91069d8968b095242e82a8c43c66_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2e7b91069d8968b095242e82a8c43c66_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:840

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/840-1-0x0000000000300000-0x000000000033D000-memory.dmp

Filesize
244KB

Download
memory/840-0-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/840-8-0x00000000772E1000-0x00000000772E2000-memory.dmp

Filesize
4KB

Download
memory/840-14-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-13-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-12-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-11-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-10-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-9-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-7-0x0000000077B40000-0x0000000077B41000-memory.dmp

Filesize
4KB

Download
memory/840-6-0x0000000001ED0000-0x0000000001EE0000-memory.dmp

Filesize
64KB

Download
memory/840-5-0x0000000001EE0000-0x0000000001EF0000-memory.dmp

Filesize
64KB

Download
memory/840-4-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-3-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-2-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-20-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-19-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-18-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-23-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-28-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-27-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-26-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-25-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-24-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-22-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-21-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-17-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-16-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-15-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-32-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-31-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-30-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-29-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-33-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-34-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-35-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-36-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-37-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-38-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-39-0x0000000000300000-0x000000000033D000-memory.dmp

Filesize
244KB

Download
memory/840-40-0x0000000001EE0000-0x0000000001EF0000-memory.dmp

Filesize
64KB

Download
memory/840-41-0x0000000077B40000-0x0000000077B41000-memory.dmp

Filesize
4KB

Download
memory/840-42-0x00000000772E1000-0x00000000772E2000-memory.dmp

Filesize
4KB

Download
memory/840-43-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-44-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-45-0x00000000772D0000-0x00000000773E0000-memory.dmp

Filesize
1.1MB

Download
memory/840-46-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-47-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-48-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-49-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-50-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-53-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-54-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-61-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/840-62-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download