General
-
Target
fa89cf7c71a9c8bfa3a07b1847865bd7_JaffaCakes118
-
Size
218KB
-
Sample
240419-r7x62sfa86
-
MD5
fa89cf7c71a9c8bfa3a07b1847865bd7
-
SHA1
7fccf4848c977b85b4a22cee6042995e512f30a6
-
SHA256
3fc3bbce0cac6765347e077739f044f5c4c58aa360775853824200b7c2afcdd1
-
SHA512
6d9b62bd99cf6c186ee7fb860ba7a52b418334606b1bfe6de3886ecdf4d2ff93e13d480f9e0825f86b54fbb0c986d09816cb402d93f87303ce26bc8eb028f7d7
-
SSDEEP
6144:0dTpountf75IwkcQRr8WMvJyHM1FIVbSL:ilouh+XvSJjKbSL
Malware Config
Targets
-
-
Target
fa89cf7c71a9c8bfa3a07b1847865bd7_JaffaCakes118
-
Size
218KB
-
MD5
fa89cf7c71a9c8bfa3a07b1847865bd7
-
SHA1
7fccf4848c977b85b4a22cee6042995e512f30a6
-
SHA256
3fc3bbce0cac6765347e077739f044f5c4c58aa360775853824200b7c2afcdd1
-
SHA512
6d9b62bd99cf6c186ee7fb860ba7a52b418334606b1bfe6de3886ecdf4d2ff93e13d480f9e0825f86b54fbb0c986d09816cb402d93f87303ce26bc8eb028f7d7
-
SSDEEP
6144:0dTpountf75IwkcQRr8WMvJyHM1FIVbSL:ilouh+XvSJjKbSL
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-