General

  • Target

    acddc81d7df29a80c79cf68db2e3812d_JaffaCakes118

  • Size

    523KB

  • Sample

    240615-eypr4asflk

  • MD5

    acddc81d7df29a80c79cf68db2e3812d

  • SHA1

    c8bf9b5448d34af5731b44db476ee537e4d65c3f

  • SHA256

    c0519fd592896b2db8b19eedb4154efca3f97c24b90eac22de1467a6eb197a07

  • SHA512

    ea194304bec647f65bcda39ca2a244eb92108ccf3cba6268a77089549732fcd1c49205ceecec02cfd1752041bb52d7e8f019e9c1caaf570d8bcbee55992f4f1e

  • SSDEEP

    6144:SncsMYod+X3oI+YGVsjVBHsMYod+X3oI+YGVsjVRsMYod+X3oI+YGVsjVP:MK5d+X3zjVBr5d+X3zjVd5d+X3zjVP

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 1
