General
-
Target
fcc1788ce721d661f8ce7c8b28c22b07_JaffaCakes118
-
Size
92KB
-
Sample
240420-pg3bzahc2z
-
MD5
fcc1788ce721d661f8ce7c8b28c22b07
-
SHA1
1bc5ced650577d0f46f8d75624a930040d888d76
-
SHA256
e879b541bc481a3d5b1c9ce416746138fc9c44908777f6c37d9fc7ad474f40bb
-
SHA512
be83ddc3197881a982510ce13f49be469979ee3871238f71999dbbc2859e33a270099f72b24f9a33920c5507990d45ad3394baff0e1e5c6ec87541f110c014d2
-
SSDEEP
1536:OVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:enxwgxgfR/DVG7wBpE
Malware Config
Targets
-
-
Target
fcc1788ce721d661f8ce7c8b28c22b07_JaffaCakes118
-
Size
92KB
-
MD5
fcc1788ce721d661f8ce7c8b28c22b07
-
SHA1
1bc5ced650577d0f46f8d75624a930040d888d76
-
SHA256
e879b541bc481a3d5b1c9ce416746138fc9c44908777f6c37d9fc7ad474f40bb
-
SHA512
be83ddc3197881a982510ce13f49be469979ee3871238f71999dbbc2859e33a270099f72b24f9a33920c5507990d45ad3394baff0e1e5c6ec87541f110c014d2
-
SSDEEP
1536:OVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:enxwgxgfR/DVG7wBpE
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-