General

  • Target

    a9c42e63a604b07e33e551ba97974979_JaffaCakes118

  • Size

    158KB

  • Sample

    240614-p3j3hsvenm

  • MD5

    a9c42e63a604b07e33e551ba97974979

  • SHA1

    ccc7dac29cf8baf1c2fd8f15d017aa07de787ca5

  • SHA256

    544236c1621361dab5a4eb9e48cbc71dfe3d09a9e8473442180c6078c406f168

  • SHA512

    11c72d17cefdfa4433a6c592791a9b5679628fd807fc6eab65d239804f4998e62f9410ca268369b5e43eac299c1cd6a43a0f46fbcdc9fb227cc489e13f9d454e

  • SSDEEP

    3072:zOA5amec19yfkMY+BES09JXAnyrZalI+YQ:h5vpIsMYod+X3oI+YQ

Malware Config

Targets

    • Target

      a9c42e63a604b07e33e551ba97974979_JaffaCakes118


    • Ramnit

      Ramnit is a versatile malware family with virus, worm, and Trojan variants.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
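The two checks an analyst runs first against a report like this one are (a) confirming the file on disk is really the sample the report describes, by recomputing the listed digests, and (b) looking for the on-disk traces of UPX that the "UPX packed file" signature is based on: section names beginning with UPX, a first section with a large virtual size but zero raw size (the unpacking area), and the "UPX!" marker string. The block below is an added example, not code from the sandbox or the report; it uses only the Python standard library, walks the PE headers by hand rather than via a PE library, and builds two small constructed PE images inline so it runs offline. The MD5/SHA1/SHA256 values are copied from the report above; the sample itself is not included.

```python
"""Added example: verify reported digests and look for UPX packing indicators.
Not part of the sandbox report; the PE walk is a minimal hand-rolled parser."""
import hashlib
import struct

# Digests copied from the report for the JaffaCakes118 sample.
REPORTED = {
    "md5": "a9c42e63a604b07e33e551ba97974979",
    "sha1": "ccc7dac29cf8baf1c2fd8f15d017aa07de787ca5",
    "sha256": "544236c1621361dab5a4eb9e48cbc71dfe3d09a9e8473442180c6078c406f168",
}


def file_hashes(data: bytes) -> dict:
    """Compute the digests a sandbox report normally lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def hash_mismatches(data: bytes, expected: dict) -> list:
    """Names of digests whose computed value differs from the reported one."""
    actual = file_hashes(data)
    return sorted(k for k, v in expected.items() if actual[k] != v.lower())


def pe_sections(data: bytes) -> list:
    """Return (name, virtual_size, raw_size) per section, or [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER, 20 bytes
    if len(data) < coff + 20:
        return []
    _machine, nsec, _ts, _psym, _nsym, size_opt, _chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    table = coff + 20 + size_opt             # section table follows the optional header
    sections = []
    for i in range(nsec):
        off = table + i * 40                 # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        name, vsize, _va, rsize, _praw = struct.unpack_from("<8sIIII", data, off)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rsize))
    return sections


def upx_indicators(data: bytes) -> dict:
    """Cheap static indicators of UPX packing; each one alone is only a hint."""
    secs = pe_sections(data)
    upx_names = [n for n, _, _ in secs if n.upper().startswith("UPX")]
    # UPX0 is reserved for the unpacked image: big virtual size, no raw bytes.
    first_raw_empty = bool(secs) and secs[0][2] == 0 and secs[0][1] > 0
    marker = b"UPX!" in data
    return {"section_names": upx_names,
            "first_section_raw_empty": first_raw_empty,
            "upx_marker": marker,
            "likely_upx": bool(upx_names) or marker}


def build_sample_pe(section_names, first_raw_size=0, marker=b"") -> bytes:
    """Constructed minimal PE (DOS header, PE signature, COFF header, empty
    optional header, section table). Only enough structure for the parser above."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b""
    for i, name in enumerate(section_names):
        raw = first_raw_size if i == 0 else 0x200
        table += struct.pack("<8sIIII", name.encode().ljust(8, b"\0"),
                             0x10000, 0x1000 * (i + 1), raw, 0x400) + b"\0" * 16
    return dos + b"PE\0\0" + coff + table + marker


if __name__ == "__main__":
    packed = build_sample_pe(["UPX0", "UPX1", ".rsrc"], marker=b"UPX!")
    plain = build_sample_pe([".text", ".data", ".rsrc"], first_raw_size=0x200)
    print("packed:", upx_indicators(packed))
    print("plain: ", upx_indicators(plain))
    print("mismatches vs report for a stand-in file:",
          hash_mismatches(b"not the real sample", REPORTED))
```

Run `hash_mismatches(open(path, "rb").read(), REPORTED)` on the real file before trusting anything else in the report; an empty list means the bytes match. Note that section names are a weak signal on their own (packers and obfuscated samples rename them freely), which is why the check also looks at the raw-size-zero first section and the marker string.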

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1 signature

  • Discovery

    Query Registry (T1012): 1 signature

    System Information Discovery (T1082): 1 signature

Tasks