General

  • Target

    abf4a7488d9795277cbd1118c8841513_JaffaCakes118

  • Size

    159KB

  • Sample

    240614-3anrwstgkl

  • MD5

    abf4a7488d9795277cbd1118c8841513

  • SHA1

    5a2d258d59b11136fb61e808a8964118a323d8ec

  • SHA256

    49e4aee60e92ba1c9ee7f04508c2242cc1b4af7be053c419cb07293cdc8cb9fb

  • SHA512

    624c9729a856d3b7695be7681106c2a70b74be3d440f9e2849978d628f86e7e48c164af0b608716e9abb02593e775319ed75cf61e55d3ed8bb58d699fdac1427

  • SSDEEP

    3072:i6VtxwAmcqyfkMY+BES09JXAnyrZalI+YQ:i6tmcPsMYod+X3oI+YQ

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family comprising viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry: T1112 (1)

  • Discovery

    Query Registry: T1012 (1)

    System Information Discovery: T1082 (1)