General

  • Target

    a940fa30e01113aac1d48a34231a1230_JaffaCakes118

  • Size

    353KB

  • Sample

    240614-msjmws1clk

  • MD5

    a940fa30e01113aac1d48a34231a1230

  • SHA1

    66460fb8f7ed65ddfcb232cb84ced3170534445f

  • SHA256

    ccffc30987f246c0443835c5c3f62511abeed008905e28a116ccb3778993ad5f

  • SHA512

    c1f02cbe9f9d9fcc961db97886a515c62991b978a7c31102de3a0e70c54e5ea264c4f595cfa94f93b34559002ef86d7e7ceb2f31eeb3b151105ed4f00f545b17

  • SSDEEP

    6144:ScsMYod+X3oI+Y014xsMYod+X3oI+YosMYod+X3oI+YQ:v5d+X3CA5d+X3c5d+X3+

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1