General

  • Target

    69c6f14c52e401f4935837368f3aaa29_JaffaCakes118

  • Size

    189KB

  • Sample

    240523-ff5k9sec7z

  • MD5

    69c6f14c52e401f4935837368f3aaa29

  • SHA1

    fccf7c332d6a4623bdc40c2082940305f198eb0c

  • SHA256

    be76dd25ca02c03bdfd1830e82e147320aae1a7d47ca5eb3b7b207736a76099d

  • SHA512

    2773244909c64285659ffe2fb240a187588a59291221c2166310d3ef468de059f481f81ed8224a6b225040f7c0ca1cacfcb1dca5df16d6bb8dbb99ec520f4060

  • SSDEEP

    3072:yyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:3sMYod+X3oI+YS1tA8

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1

Tasks