General

  • Target

    0df51cc3d751230017e8319aac7d1ef5_JaffaCakes118

  • Size

    127KB

  • Sample

    240625-nzllhaxgpc

  • MD5

    0df51cc3d751230017e8319aac7d1ef5

  • SHA1

    423bf905e48c138f286e40dad18e68ba9128e5b6

  • SHA256

    6ef711a016ef3c9a3451be2100ff6a41e28c1f5d2b04ae304bf5d489fd7d5c6a

  • SHA512

    cfb707fe6097e9e069754afaf474779e2b615a82688fccd688fe2ca00412c615a34d6cf3819a24ff4c42ed0a7532160c6f97e98daf55c892c537b60ea1e9320f

  • SSDEEP

    3072:TMbIWiyr7pjvTooBFEbWwIUclTBft3+oT:TCIWiyr7JHn17lTBl3+o

Targets

    • Target

      0df51cc3d751230017e8319aac7d1ef5_JaffaCakes118

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Drops startup file

    • Drops file in System32 directory
