General

  • Target

    0d18ce10288c12628fb8b0b336486b83_JaffaCakes118

  • Size

    817KB

  • Sample

    240625-hfwpgaybrr

  • MD5

    0d18ce10288c12628fb8b0b336486b83

  • SHA1

    a280baeeef439b44ef1327bab1809aa794f63f55

  • SHA256

    ef6de36b04c57337a7a0077fb9bb87ce3864b3d59c021d7e99ae6bd224bd5c76

  • SHA512

    d50170db9089c8e2347283955da7d14f4fc5284125816e1313269fb5fa031932c817680912e90e3ee7ab0c33ca73a59d89149d780238644b94d42d1cdc190996

  • SSDEEP

    12288:3zCfOFgBcu2podGA4zevM1wr7thi0tMeZ1xSmxp2H888888888888W8888888888:5gBcRp8GA4z63HIynLCx8T

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family whose variants include file-infecting viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15