General

  • Target

    ac50816648c499681ed01b7b44c9db34_JaffaCakes118

  • Size

    348KB

  • Sample

    240615-a8xhgaxblq

  • MD5

    ac50816648c499681ed01b7b44c9db34

  • SHA1

    c5fa9ddfd804720b965b331074219eb99ef87e52

  • SHA256

    6c65f78d7c85cfd1f0a059f436fdbc586505a540cee70c8e627350a8d289dd2d

  • SHA512

    c0815f1d0b986507ead442ccdbb7c1d876bdf63f93ca1abac5c1196baa980c5391651b52c966e9935743bac5d3ce50964c2ffdbc52869ca2b1ddc5a7a3f88f51

  • SSDEEP

    6144:esMYod+X3oI+YWsMYod+X3oI+Y5sMYod+X3oI+YQ:c5d+X3u5d+X3f5d+X3+

Malware Config

Targets

    • Target

      ac50816648c499681ed01b7b44c9db34_JaffaCakes118

    • Ramnit

      Ramnit is a long-lived, versatile malware family whose variants range from file-infecting viruses and worms to banking Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.
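
An added example, not part of the sandbox report or its signature code: a standard-library Python script that re-computes the four hashes listed above for a local copy of the sample (ssdeep is skipped because it needs a third-party library) and checks a PE file for the indicators that typically sit behind a "UPX packed file" verdict. It goes slightly beyond the page: besides the stock UPX0/UPX1 section names and the "UPX!" marker, it looks for the hollow first section (zero raw size, large virtual size) that a UPX stub leaves, because modified UPX builds usually rename sections and strip the marker. The heuristics are my own, not the sandbox's, and the built-in PE is a constructed header-only stand-in, not the sample.

```python
"""Added example (not part of the sandbox report): re-derive the report's hashes
for a local copy of the sample and look for UPX packing indicators.
Standard library only; ssdeep is not computed because it needs a third-party library."""
import hashlib
import struct
import sys

# Hash values copied verbatim from the report above.
REPORTED = {
    "md5": "ac50816648c499681ed01b7b44c9db34",
    "sha1": "c5fa9ddfd804720b965b331074219eb99ef87e52",
    "sha256": "6c65f78d7c85cfd1f0a059f436fdbc586505a540cee70c8e627350a8d289dd2d",
    "sha512": "c0815f1d0b986507ead442ccdbb7c1d876bdf63f93ca1abac5c1196baa980c53"
              "91651b52c966e9935743bac5d3ce50964c2ffdbc52869ca2b1ddc5a7a3f88f51",
}


def hashes(data: bytes) -> dict:
    """Hex digests for the four algorithms the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORTED}


def matches_report(data: bytes, reported: dict = REPORTED) -> dict:
    """Per-algorithm comparison; every value must be True for a genuine copy."""
    got = hashes(data)
    return {alg: got[alg] == value.lower() for alg, value in reported.items()}


def pe_sections(data: bytes) -> list:
    """(name, virtual_size, raw_size) for each section-table entry; [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size      # 4-byte signature + 20-byte COFF header
    out = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        virt_size, _rva, raw_size = struct.unpack_from("<III", data, off + 8)
        out.append((name, virt_size, raw_size))
    return out


def upx_indicators(data: bytes) -> dict:
    """Heuristics for a stock or lightly modified UPX stub (my own, not the sandbox's)."""
    sections = pe_sections(data)
    names = [s[0] for s in sections]
    return {
        "sections": names,
        # Stock UPX names its sections UPX0/UPX1 (and UPX2 for resources).
        "upx_section_names": any(n.upper().startswith("UPX") for n in names),
        # The stub embeds the string "UPX!" ahead of its packer header.
        "upx_marker": b"UPX!" in data,
        # UPX0 receives the unpacked image at runtime: big virtual size, zero raw size.
        # Modified builds rename sections and strip the marker; this usually survives.
        "hollow_first_section": bool(sections) and sections[0][2] == 0 and sections[0][1] > 0,
    }


def build_sample_pe(names=(b"UPX0", b"UPX1"), first_raw_size=0, marker=b"UPX!") -> bytes:
    """Constructed header-only PE for the demo (no code, not loadable, not the sample)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 0, 0x102)
    table = b""
    for i, name in enumerate(names):
        raw = first_raw_size if i == 0 else 0x1000
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", 0x10000, 0x1000 * (i + 1), raw, 0x400, 0, 0, 0, 0, 0xE0000040)
    return dos + coff + table + marker


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = build_sample_pe()   # constructed stand-in; will not match the report hashes
    for alg, ok in matches_report(blob).items():
        print(f"{alg:7s} {'match' if ok else 'MISMATCH'}")
    for key, val in upx_indicators(blob).items():
        print(f"{key:20s} {val}")
```

Run it as `python check.py sample.bin` against a file you believe is this sample; all four hash rows must read "match" before any of the report's behaviour is attributed to your copy. Treat the UPX heuristics as triage hints only: a hit on the hollow first section alone warrants unpacking and re-hashing the payload, not a verdict.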

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    T1112 Modify Registry (1)

  • Discovery

    T1012 Query Registry (1)

    T1082 System Information Discovery (1)

Tasks