General

  • Target

    abfe76e0138ffd59e43f68aaf226884b_JaffaCakes118

  • Size

    693KB

  • Sample

    240614-3gmheavanm

  • MD5

    abfe76e0138ffd59e43f68aaf226884b

  • SHA1

    e2cf0ffbdc4344f1247a2def3d4c58ee51aa097d

  • SHA256

    be6d1e420edef527da40d2ac8c62be18c573ec86add86754e84e21fd226af01d

  • SHA512

    1406fab35d7cc97877ad3154e6f209dd6b64d5d02769cd7159d7be5f85ebd17b926dcb9bd16077820d5fe4c143a4d37d5fbab4cafe529f29a78bfa4ed1197d33

  • SSDEEP

    12288:TM5d+X3c5d+X335d+X3P5d+X3u5d+X3Y5d+X3+:Tu+++n+f+s+y+e

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    System Information Discovery (T1082): 2

    Query Registry (T1012): 1

Tasks