General

  • Target

    acaf3cb9fef0641645230013fe3e5376_JaffaCakes118

  • Size

    155KB

  • Sample

    240615-djyk1sxcmd

  • MD5

    acaf3cb9fef0641645230013fe3e5376

  • SHA1

    1366bb51e8e9aaa935d230026e48749d6b9cc758

  • SHA256

    c50361a5da48ccefa97be5b03b118b20e35b93ec0079b9058d49a434ac84f6e7

  • SHA512

    f992b440e4a418d55ca9ef2e572f1e18e3fa308eb0468b78e1810faa14980c9ccaa8868bcf8b201b165ed46cf62407e97ee9b1f48c6b9214de89e10cb162393e

  • SSDEEP

    3072:i+eh90lk/y1yfkMY+BES09JXAnyrZalI+YQ:ip0+/ygsMYod+X3oI+YQ

Malware Config

Targets

    • Target

      acaf3cb9fef0641645230013fe3e5376_JaffaCakes118

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1

Tasks