General

  • Target

    ac21b40cafcc3cae3cf05f7e717cd863_JaffaCakes118

  • Size

    672KB

  • Sample

    240615-aa21asvhlq

  • MD5

    ac21b40cafcc3cae3cf05f7e717cd863

  • SHA1

    e931b030824e80114b7213fd6b6d3ece31680334

  • SHA256

    7d31c6775435d9fa955e21a2634796e05567ebb8a20f8694ca5bbd004d32843e

  • SHA512

    844f966ab1c5f2f1089e60f7fce4ce2fcab27607bb9c90a7989e7b04076c96155f89826844a316132db334325159b9858bf0c5377e9761f8ca7aa966ab45f7e1

  • SSDEEP

    12288:n5d+X3Q5d+X3D5d+X3p5d+X3Q5d+X3f5d+X3+:X+K+7+F+K+P+e

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1

Tasks