General

  • Target

    0dac447a4fd9e2eca5baee6b2ff2d69d_JaffaCakes118

  • Size

    337KB

  • Sample

    240625-l7hhpswgnp

  • MD5

    0dac447a4fd9e2eca5baee6b2ff2d69d

  • SHA1

    65cdb1aca874ce1cb8eea8b2da6a55cb2595eafb

  • SHA256

    5c186bf03bdf6881771f1efa9d2dade768ab5f1aa71a8d18cd9a4c7aeb9e4bc2

  • SHA512

    9ccc7946f15316d5ff438175c6610f0a1c0f2790d674b725b75fd014edb586898d9474358c74efaefb43b2ba77bc58045e8f131873c29b8fc331d0414d09ca59

  • SSDEEP

    6144:HN0yr1sO/wIKS0FKtOT/OrDtgUi0uvQee7Qee/0QeesQeeglQeekQeeDC7M+xMMF:dG6wndYtamDSU1Tb

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks