General

  • Target

    0f31f2c7086406e97e2078d969aa40b3_JaffaCakes118

  • Size

    316KB

  • Sample

    240625-xtsbjaxdkg

  • MD5

    0f31f2c7086406e97e2078d969aa40b3

  • SHA1

    be44d48734b2ed6ac3c50ee7cfd1b446f03e9f1d

  • SHA256

    513bd64b2b9995c0445ab09b16f49ab86bee9cb6b4dd250621c0e6427972f7a5

  • SHA512

    174a7d51b16850743b6e67819e9029bbda4970625dd68f8133a70caeb478003872b7bd7d41d81d722be0e51eeaf9838c3e85fcf9a63ffdc5b119d8940c2c5301

  • SSDEEP

    6144:rrkYHjIWeWcd71byn1KQo30YVFTAiiNi/tb1PGk0zAa3n:cYHjIWPo71byIzmvyd1Ok0zAaX
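To confirm whether a file on hand is this sample, an added example (not part of the sandbox report or its vendor's tooling): read each file once, compute all four digests in that pass, and compare them with the indicators listed above. The hash values are copied from this report; the scanned file content and the `demo` helper are constructed test data.

```python
"""Added example, not part of the sandbox report: match files on disk against
the hash indicators listed above.  Each file is read once and all four digests
are computed in that pass.  The test file content in demo() is constructed."""
import hashlib
import io
import os
import tempfile

# Indicators copied from the report (hex, lower case).
REPORT_HASHES = {
    "md5": "0f31f2c7086406e97e2078d969aa40b3",
    "sha1": "be44d48734b2ed6ac3c50ee7cfd1b446f03e9f1d",
    "sha256": "513bd64b2b9995c0445ab09b16f49ab86bee9cb6b4dd250621c0e6427972f7a5",
    "sha512": "174a7d51b16850743b6e67819e9029bbda4970625dd68f8133a70caeb478003872b7bd7d41d81d722be0e51eeaf9838c3e85fcf9a63ffdc5b119d8940c2c5301",
}
ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(fh, chunk_size=1 << 20):
    """Return {algo: hexdigest} for a binary stream, reading it once in chunks."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for chunk in iter(lambda: fh.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Digests of an in-memory buffer (used for known-answer checks)."""
    return digest_stream(io.BytesIO(data))


def digest_file(path):
    """Digests of a file on disk."""
    with open(path, "rb") as fh:
        return digest_stream(fh)


def match_indicators(digests, indicators=REPORT_HASHES):
    """Algorithms for which the computed digest equals the indicator.

    A SHA-256 or SHA-512 hit identifies the sample.  An MD5-only or SHA-1-only
    hit should be re-checked: those algorithms are collision-prone, and a
    single typo in a copied hash silently turns a hit into a miss."""
    return sorted(algo for algo in ALGOS
                  if algo in indicators
                  and digests[algo] == indicators[algo].strip().lower())


def scan_directory(root, indicators=REPORT_HASHES):
    """Walk root; return {path: [matched algos]} for every matching file."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            matched = match_indicators(digest_file(path), indicators)
            if matched:
                hits[path] = matched
    return hits


def demo():
    """Constructed data: a benign file is scanned against the report's
    indicators (no hit expected), then against its own digests (full hit)."""
    with tempfile.TemporaryDirectory() as tmp:
        benign = os.path.join(tmp, "notes.txt")
        with open(benign, "wb") as fh:
            fh.write(b"constructed test content, not the sample\n")
        miss = scan_directory(tmp)
        hit = scan_directory(tmp, digest_file(benign))
        return miss, hit, benign
```

Point `scan_directory` at a quarantine or download folder; the SSDEEP value in the report is a fuzzy hash and needs the separate ssdeep library, so it is deliberately left out of this exact-match check.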

Targets

    • Ramnit

      Ramnit is a long-lived malware family whose variants include file-infecting viruses, worms, and Trojans.

    • Executes dropped EXE

      The sample wrote an executable to disk and then ran it.

    • Loads dropped DLL

      A DLL written to disk by the sample was loaded into a process.

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the UPX open-source packer, which typically renames the UPX0/UPX1 sections to evade this kind of check.

    • Drops file in System32 directory

      The sample wrote a file under the System32 directory, which requires elevated rights and is a common persistence location.

    • Suspicious use of SetThreadContext

      The sample called SetThreadContext, the API used by process hollowing and thread hijacking to point a suspended thread at injected code.
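The UPX signature above is a packer fingerprint. As an added example, not code from the report or the sandbox vendor, the following stdlib-only Python reproduces the same indicators: the UPX0/UPX1 section names, the "UPX!" marker that stock UPX writes into its loader header, and per-section Shannon entropy as a fallback for builds that rename their sections. The PE images it examines are constructed by the `build_pe` helper (test data, not the sample); the entropy threshold is an assumed value.

```python
"""Added example, not part of the sandbox report: a stdlib-only check for the
indicators a 'UPX packed file' signature relies on.  The PE images are
constructed inline by build_pe(); the sample itself is not used."""
import math
import random
import struct

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
UPX_MAGIC = b"UPX!"      # stock UPX writes this into its loader header
HIGH_ENTROPY = 7.0       # assumed threshold in bits/byte; compressed data sits near 8


def shannon_entropy(data):
    """Bits per byte of data (0.0 for an empty or constant buffer)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(image):
    """Return the PE section table as a list of dicts (name, sizes, raw data)."""
    if image[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size
    sections = []
    for i in range(nsections):
        name, vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", image, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": raw_size,
            "data": image[raw_ptr:raw_ptr + raw_size],
        })
    return sections


def upx_indicators(image):
    """'upx' on section names or the marker, 'packed-unknown' on entropy alone,
    'none' otherwise."""
    sections = parse_sections(image)
    names = [s["name"] for s in sections if s["name"] in UPX_SECTION_NAMES]
    entropies = {s["name"]: round(shannon_entropy(s["data"]), 2) for s in sections}
    high = [n for n, e in entropies.items() if e >= HIGH_ENTROPY]
    magic = UPX_MAGIC in image
    if names or magic:
        verdict = "upx"
    elif high:
        verdict = "packed-unknown"
    else:
        verdict = "none"
    return {"verdict": verdict, "upx_sections": names, "magic": magic,
            "entropy": entropies, "high_entropy": high}


def build_pe(sections):
    """Construct a minimal PE32 image from [(name, raw_bytes)] for testing.
    Only the header fields the parser reads carry meaningful values."""
    align = lambda x: (x + 0x1FF) & ~0x1FF
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)              # e_lfanew
    opt_size = 0xE0                                      # PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    headers_end = align(0x40 + 4 + 20 + opt_size + 40 * len(sections))
    raw_ptr, va, hdrs, body = headers_end, 0x1000, b"", b""
    for name, raw in sections:
        size = align(len(raw))
        hdrs += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                            len(raw), va, size, raw_ptr, 0, 0, 0, 0, 0x60000020)
        body += raw.ljust(size, b"\0")
        raw_ptr += size
        va += max(size, 0x1000)
    head = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs
    return head.ljust(headers_end, b"\0") + body


def demo():
    """Three constructed images: stock UPX layout, a renamed-section variant,
    and an unpacked binary."""
    rng = random.Random(2024)
    compressed = bytes(rng.getrandbits(8) for _ in range(4096))   # stands in for packed data
    packed = build_pe([("UPX0", b""), ("UPX1", UPX_MAGIC + compressed), (".rsrc", b"\0" * 64)])
    renamed = build_pe([(".code", b""), (".data", compressed)])
    clean = build_pe([(".text", b"\x55\x8b\xec" + b"\x90" * 61 + b"\xc3"), (".data", b"hello\0" * 8)])
    return upx_indicators(packed), upx_indicators(renamed), upx_indicators(clean)
```

Section names and the marker are cheap to strip, so treat the "packed-unknown" verdict as the one that matters for triage: a high-entropy section next to an empty one with a large virtual size is the shape any UPX-style packer leaves, whatever it calls its sections.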
