General

  • Target

    719ec6e9d02f6d2392506180335017db_JaffaCakes118

  • Size

    121KB

  • Sample

    240401-pcbcpadh81

  • MD5

    719ec6e9d02f6d2392506180335017db

  • SHA1

    4d18b602f609d1236fb8b652bc7c5789e754764c

  • SHA256

    5e1257a7d9d5167569f8478acea3ab7ca305094ca9f72cd546db49fe3b87a965

  • SHA512

    fa76261b8fad86e744d65410e5acac59d6c18495c840765f8b40bdda2306d99ac4bc3e332d14d852b104b35fbc85aeed632937da328f6b5fbb71bc1488c64380

  • SSDEEP

    3072:G63GIUchJGTgfB/ta4u661a9srlWr+beV+A5gBcGO+CfSMTA1:G63GASTywD6Vzr+m6J1

Malware Config

Targets

    • Target

      719ec6e9d02f6d2392506180335017db_JaffaCakes118

    • Size

      121KB

    • MD5

      719ec6e9d02f6d2392506180335017db

    • SHA1

      4d18b602f609d1236fb8b652bc7c5789e754764c

    • SHA256

      5e1257a7d9d5167569f8478acea3ab7ca305094ca9f72cd546db49fe3b87a965

    • SHA512

      fa76261b8fad86e744d65410e5acac59d6c18495c840765f8b40bdda2306d99ac4bc3e332d14d852b104b35fbc85aeed632937da328f6b5fbb71bc1488c64380

    • SSDEEP

      3072:G63GIUchJGTgfB/ta4u661a9srlWr+beV+A5gBcGO+CfSMTA1:G63GASTywD6Vzr+m6J1

    • Modifies firewall policy service

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks