General

  • Target

    a36954c5136ff1b3e3863c24689b0762_JaffaCakes118

  • Size

    174KB

  • Sample

    240613-b49snstckk

  • MD5

    a36954c5136ff1b3e3863c24689b0762

  • SHA1

    52f2fc59781d24ecd7fa20b44632b696664dea1f

  • SHA256

    4b4f400bb4deece96c6a18efca56626cb683e8be646790a0d65670e1df68f555

  • SHA512

    18fe53dd79f1ad00e5ab6f219ee108725136a88f2da0144a1551d922561a52f7dc77a77c43779cfe6d66c7d551f9a5e8e2bb8248fddd034ec424dfaf374d2d84

  • SSDEEP

    3072:SyayfkMY+BES09JXAnyrZalI+Y5N86QwUdedbFilfO5YFiM:Sy/sMYod+X3oI+Yn86/U9jFiM

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1

Tasks