General

  • Target

    a1419a3af34e9adf1d4484ffe044b6f5_JaffaCakes118

  • Size

    383KB

  • Sample

    240612-th324svdlq

  • MD5

    a1419a3af34e9adf1d4484ffe044b6f5

  • SHA1

    462561dfa8f7e3f54a765600e60345698b9edee8

  • SHA256

    8da4ca0279e65a85512694993ab8c21a370a6fb5b155e8dc0904716af617035d

  • SHA512

    3010c4c872980e987059d49d3e37883709b7cc39126beab476ea42ba0415636147d0550dcc2f9beaaf2ebec6ff02438fb94cc51d0efb1eab007664e7a334ae70

  • SSDEEP

    6144:ST+sMYod+X3oI+YzsMYod+X3oI+YLsMYod+X3oI+YQ:L5d+X395d+X315d+X3+

Malware Config

Targets

    • Target

      a1419a3af34e9adf1d4484ffe044b6f5_JaffaCakes118

    • Ramnit

      Ramnit is a versatile malware family whose variants include file-infecting viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.
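As an added example (not part of the sandbox report or its tooling), the following Python script checks a local copy of the sample against the hashes listed in the General section and applies the same kind of heuristic as the "UPX packed file" signature by reading the PE section table. It uses only the standard library: ssdeep matching needs a third-party binding and is left out, and because the sample itself is not on this page, build_fake_pe() produces a constructed PE-shaped buffer solely to exercise the parser.

```python
"""Hash verification and UPX-packing check for a sample under triage.

Added example; not part of the sandbox report. Standard library only.
REPORT_HASHES are the values printed in the report above. build_fake_pe()
is a constructed stand-in used to exercise the section-table parser.
"""
import hashlib
import struct

# Hashes as listed in the report for a1419a3af34e9adf1d4484ffe044b6f5_JaffaCakes118.
REPORT_HASHES = {
    "md5": "a1419a3af34e9adf1d4484ffe044b6f5",
    "sha1": "462561dfa8f7e3f54a765600e60345698b9edee8",
    "sha256": "8da4ca0279e65a85512694993ab8c21a370a6fb5b155e8dc0904716af617035d",
    "sha512": "3010c4c872980e987059d49d3e37883709b7cc39126beab476ea42ba0415636147d0550dcc2f9beaaf2ebec6ff02438fb94cc51d0efb1eab007664e7a334ae70",
}


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests (ssdeep needs a third-party lib)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def verify_sample(data: bytes, expected: dict) -> dict:
    """Per-algorithm match against the report; treat any False as a different file."""
    actual = hash_bytes(data)
    return {alg: actual[alg] == value.lower() for alg, value in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Parse the PE section table and return the section names (raises on non-PE input)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size                          # section headers follow the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]    # 8-byte Name field of IMAGE_SECTION_HEADER
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic in the spirit of the report's 'UPX packed file' signature."""
    if any(n.upper().startswith("UPX") for n in pe_section_names(data)):
        return True
    # Section names are trivial to rename; the "UPX!" header marker catches some
    # such builds, although a deliberately modified packer can strip both.
    return b"UPX!" in data


def build_fake_pe(section_names: list, opt_size: int = 0) -> bytes:
    """Constructed test input: a minimal PE layout carrying the given section names."""
    e_lfanew = 0x40
    buf = bytearray(b"MZ" + b"\0" * (e_lfanew - 2))
    buf[0x3C:0x40] = struct.pack("<I", e_lfanew)
    buf += b"PE\0\0"
    # Machine=i386, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    buf += struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    buf += b"\0" * opt_size
    for name in section_names:
        buf += name.ljust(8, b"\0") + b"\0" * 32          # 40-byte IMAGE_SECTION_HEADER
    return bytes(buf)


if __name__ == "__main__":
    import sys
    # Pass the path of the sample to check it; with no argument the constructed buffer is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])
    print("hash match:", verify_sample(data, REPORT_HASHES))
    print("sections:", pe_section_names(data))
    print("UPX heuristic hit:", looks_upx_packed(data))
```

Run it as `python check_sample.py <path>` on the file you pulled from the sandbox; a mismatch on any algorithm means you are not looking at the submission the report describes, and a UPX hit is a cue to unpack (`upx -d` on an unmodified build) before static analysis.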

MITRE ATT&CK Matrix ATT&CK v13

Tactic            Technique                      ID      Count
Defense Evasion   Modify Registry                T1112   1
Discovery         Query Registry                 T1012   1
Discovery         System Information Discovery   T1082   1

Tasks