6836f2277e219dc8e30e26bd5a70e079a97d9826a95eac92594b29fbe004b979

Analysis

max time kernel
96s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04/02/2025, 18:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_96d721f206bdf171992beb88c7ac76d3.exe
Size

253KB
MD5

96d721f206bdf171992beb88c7ac76d3
SHA1

14cf2574c3086ab339124ac5019dc223870450c4
SHA256

6836f2277e219dc8e30e26bd5a70e079a97d9826a95eac92594b29fbe004b979
SHA512

b950cfc74fe74108e4c2be061a341c6b35cac4d4a544dc4777b6ffc03237e011895cf298008a808ea9db7e284edda4d52bf67cd117d3a9de44a472fb368a43a6
SSDEEP

6144:/oMazGcbeLHWkd/1t8MUZ0qQgIX800Z6H3UMAj:AxzXeLHW8/1t8F0q+8vMW

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JaffaCakes118_96d721f206bdf171992beb88c7ac76d3.exe

C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_96d721f206bdf171992beb88c7ac76d3.exe
"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_96d721f206bdf171992beb88c7ac76d3.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads