70ebd459ea9435082d133f952b1398e6ee31b65a08c0853f7126b19cdf2c80b5

Analysis

max time kernel
94s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2024, 12:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2fee2de5c63f5a0b14d89a023674fa3d_JaffaCakes118.exe
Size

148KB
MD5

2fee2de5c63f5a0b14d89a023674fa3d
SHA1

7fff6ed1a02d6f96def1a9a3f25ba02425cbdce4
SHA256

70ebd459ea9435082d133f952b1398e6ee31b65a08c0853f7126b19cdf2c80b5
SHA512

bff0d2962df4e2d15bc8c406c7db571c84dc2a2e8c971875c09b4b44019012043d096ca12497de6c5631f073dd05f2ebd37740829743588c16ba8377ba7d1e1a
SSDEEP

3072:g5BuV7IR+H7p+bYqTO5+wm8FN+pfx2cTrGSOMPyP:g5CtH77qL8oNIMPI

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	2fee2de5c63f5a0b14d89a023674fa3d_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2fee2de5c63f5a0b14d89a023674fa3d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2fee2de5c63f5a0b14d89a023674fa3d_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads