General

  • Target

    abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118

  • Size

    184KB

  • Sample

    240614-3ba77azgkg

  • MD5

    abf593220f82fa4c0b53aa4f402865aa

  • SHA1

    bab439aa4fa1d8aa999dd7a25a96aa367a27d1dd

  • SHA256

    f39a446bcac76db8aefc5ab8ce915f5c0e11918d279ec239e82c0f2489e5d970

  • SHA512

    1b15b4de9b93e215b89a6f5e075ec51040bd7d06f5a94b949a53c9d3669462426fc180955c498229e837db9b6334524bbdf04b8532012f4223a5dafc6dd70cde

  • SSDEEP

    3072:myfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:jsMYod+X3oI+YS1tA8

Malware Config

Targets

    • Target

      abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118

    • Ramnit

      Ramnit is a long-lived family whose variants range from file-infecting viruses and worms to credential-stealing banking Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified build of it.
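The "UPX packed file" signature above is a static check on the PE headers. As an added example (not the sandbox's own detection logic), the script below walks the section table of a PE image, flags the section names a stock UPX build writes, and falls back to a per-section entropy heuristic for modified UPX builds that rename their sections; it also computes the MD5/SHA-1/SHA-256/SHA-512 identifier set a report lists (ssdeep needs a third-party library and is left out). The PE images it analyses are constructed in memory for the demonstration, not the sample on this page.

```python
import hashlib
import math
import struct
from collections import Counter

# Section names a stock UPX build writes; a modified build may rename them.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", "UPX3"}
HIGH_ENTROPY_BITS = 7.0  # compressed or encrypted data sits close to 8.0 bits/byte


def file_hashes(data: bytes) -> dict:
    """The hash set a sandbox report lists for a sample."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def shannon_entropy(blob: bytes) -> float:
    """Bits of entropy per byte, 0.0 for a constant blob and 8.0 for a uniform one."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())


def pe_sections(data: bytes) -> list:
    """Walk the DOS, PE and COFF headers and return (name, raw_bytes) per section."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    first = e_lfanew + 24 + size_opt  # signature (4) + COFF header (20) + optional header
    out = []
    for i in range(num_sections):
        name, _vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, first + i * 40)
        out.append((name.rstrip(b"\0").decode("ascii", "replace"), data[raw_ptr:raw_ptr + raw_size]))
    return out


def assess_packing(data: bytes) -> dict:
    """UPX by section name, plus an entropy heuristic for renamed sections."""
    sections = pe_sections(data)
    upx_named = [n for n, _ in sections if n in UPX_SECTION_NAMES]
    high_entropy = [n for n, raw in sections
                    if len(raw) >= 512 and shannon_entropy(raw) >= HIGH_ENTROPY_BITS]
    return {
        "hashes": file_hashes(data),
        "sections": [n for n, _ in sections],
        "upx_named": upx_named,
        "high_entropy": high_entropy,
        "upx_packed": bool(upx_named),
        "likely_packed": bool(upx_named or high_entropy),
    }


def build_test_pe(sections: list) -> bytes:
    """Constructed fixture: a minimal PE32 with the given (name, payload) sections. Not a real sample."""
    e_lfanew, size_opt = 0x80, 0xE0
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, size_opt, 0x0102)
    opt = bytearray(size_opt)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    headers_end = e_lfanew + 4 + 20 + size_opt + 40 * len(sections)
    raw_ptr = (headers_end + 0x1FF) & ~0x1FF  # 512-byte file alignment
    table, body = b"", b""
    for i, (name, payload) in enumerate(sections):
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             max(len(payload), 0x1000), 0x1000 * (i + 1), len(payload),
                             raw_ptr + len(body), 0, 0, 0, 0, 0x60000020)
        body += payload
    header = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    return header.ljust(raw_ptr, b"\0") + body


# Constructed inputs: a uniform byte distribution imitates compressed data (entropy 8.0 bits/byte).
COMPRESSED_LOOKING = bytes(range(256)) * 16
STOCK_UPX = build_test_pe([("UPX0", b""), ("UPX1", COMPRESSED_LOOKING), (".rsrc", b"\0" * 512)])
RENAMED_UPX = build_test_pe([(".text", COMPRESSED_LOOKING), (".data", b"\0" * 512)])
PLAIN_PE = build_test_pe([(".text", b"\x90" * 4096), (".data", b"\0" * 512)])

if __name__ == "__main__":
    for label, blob in (("stock UPX", STOCK_UPX), ("renamed sections", RENAMED_UPX), ("plain", PLAIN_PE)):
        r = assess_packing(blob)
        print(label, r["sections"], "upx_packed=%s likely_packed=%s" % (r["upx_packed"], r["likely_packed"]))
```

The section-name match is what a signature like the one above keys on; the entropy fallback is the caveat, since a rebuilt packer can rename UPX0/UPX1 to .text/.data and still leave a compressed body that a 7.0 bits/byte threshold catches. Run the file directly to see all three constructed images classified.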

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry: T1112 (1)

  • Discovery

    Query Registry: T1012 (1)

    System Information Discovery: T1082 (1)
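A matrix like the one above is produced by mapping the sample's observed registry operations onto technique IDs. As an added example, not the sandbox's own mapping, the script below reads a Process Monitor style CSV export (the column names "Process Name", "Operation", "Path" and "Result" and the RegXxx operation names are Procmon's; the log rows themselves are constructed for this demonstration), assigns each successful registry operation of the sample process to T1112, T1012 or T1082, and groups the counts by tactic in the same layout as the report. The key patterns treated as system-information reads and the count semantics (events, not signatures) are this example's own choices.

```python
import csv
import io
import re
from collections import defaultdict
from typing import Optional

# Procmon operation names grouped by ATT&CK v13 technique.
MODIFY_OPS = {"RegSetValue", "RegCreateKey", "RegDeleteValue", "RegDeleteKey"}
QUERY_OPS = {"RegQueryValue", "RegOpenKey", "RegEnumKey", "RegEnumValue", "RegQueryKey"}

# Reads of these keys disclose host identity or version, so they count as T1082 rather than plain T1012.
# Assumption of this example: the list is illustrative, not exhaustive.
SYSTEM_INFO_KEYS = re.compile(
    r"\\Control\\ComputerName\\"
    r"|\\Windows NT\\CurrentVersion\\(ProductName|CurrentBuild|InstallDate)"
    r"|\\Control\\Session Manager\\Environment\\PROCESSOR_",
    re.IGNORECASE,
)

TECHNIQUES = {
    "T1112": ("Defense Evasion", "Modify Registry"),
    "T1012": ("Discovery", "Query Registry"),
    "T1082": ("Discovery", "System Information Discovery"),
}


def classify(operation: str, path: str) -> Optional[str]:
    """Technique ID for one registry operation, or None if it is not of interest."""
    if operation in MODIFY_OPS:
        return "T1112"
    if operation in QUERY_OPS:
        return "T1082" if SYSTEM_INFO_KEYS.search(path) else "T1012"
    return None


def build_matrix(procmon_csv: str, process: str) -> dict:
    """{tactic: {"Technique name (Txxxx)": event count}} for one process, successful operations only."""
    counts = defaultdict(int)
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if row["Process Name"].lower() != process.lower() or row["Result"] != "SUCCESS":
            continue
        technique = classify(row["Operation"], row["Path"])
        if technique:
            counts[technique] += 1
    matrix = defaultdict(dict)
    for technique, n in counts.items():
        tactic, name = TECHNIQUES[technique]
        matrix[tactic]["%s (%s)" % (name, technique)] = n
    return dict(matrix)


SAMPLE_PROCESS = "abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe"

# Constructed Procmon-style rows for the demonstration; they are not taken from the report.
SAMPLE_LOG = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"12:00:01.001","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion","SUCCESS",""
"12:00:01.002","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName","SUCCESS","Type: REG_SZ"
"12:00:01.003","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegQueryValue","HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName","SUCCESS","Type: REG_SZ"
"12:00:01.004","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegQueryValue","HKCU\Software\ExampleConfig\Installed","NAME NOT FOUND",""
"12:00:01.005","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegSetValue","HKCU\Software\ExampleConfig\Installed","SUCCESS","Type: REG_DWORD, Data: 1"
"12:00:01.006","abf593220f82fa4c0b53aa4f402865aa_JaffaCakes118.exe","1234","RegCloseKey","HKCU\Software\ExampleConfig","SUCCESS",""
"12:00:01.007","explorer.exe","800","RegSetValue","HKCU\Software\Microsoft\Windows\Shell\BagMRU","SUCCESS",""
'''

if __name__ == "__main__":
    for tactic, techniques in build_matrix(SAMPLE_LOG, SAMPLE_PROCESS).items():
        print(tactic)
        for label, n in techniques.items():
            print("  %s: %d" % (label, n))
```

Filtering on Result avoids counting failed lookups as discovery, and filtering on the process name keeps unrelated system activity (the explorer.exe row) out of the sample's matrix; both are easy to forget when building this mapping by hand.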

Tasks