General

  • Target

    0cc5bdef34888d934330c17e87c61a40_JaffaCakes118

  • Size

    166KB

  • Sample

    240625-f4g5waseqc

  • MD5

    0cc5bdef34888d934330c17e87c61a40

  • SHA1

    59b608e2726802bf59bf5ec83a68995f8721199f

  • SHA256

    38e831d6eb4f7d9fd54eddb5f7dbc6cf96e1b53af0e0b7859cd451ba30848544

  • SHA512

    01c7614d9322b720ac9d79e3e8bd55f3c6f3fe8fedeca817f2375cde0814aeabff6cd64e4bef129970dfd5c7ad371fe79d199be95f13f79132641714443d2fe9

  • SSDEEP

    1536:hNpbWTono2PF9yJH9KBjH7ZoSQoL+Qz6AxAvf/PqhXnzyP5xC1VXfbJpeU4KyQ5L:YdKFOoL16AOHHCRQU4S5GBWVLd

Targets

    • Target

      0cc5bdef34888d934330c17e87c61a40_JaffaCakes118

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Drops file in System32 directory
