General

  • Target

    0efc771b9b0858b3fd0f1c5ddae9c7ae_JaffaCakes118

  • Size

    337KB

  • Sample

    240625-wdtc8awgpr

  • MD5

    0efc771b9b0858b3fd0f1c5ddae9c7ae

  • SHA1

    dd6d5926c70ff1a45250079c27f90f25cf2cc991

  • SHA256

    4a033a1bdfa68980e0556a262fc7b722ada5d9f3be0efe01a7c747a953315418

  • SHA512

    e730e1cf2b9710d31b97b6fa99d0f101a1ed3205cfb67517d03765196a5ada3e3044553c7b2c34928278ebd1df3d5e831cff5ede6903ac9b91199ce792dd2a88

  • SSDEEP

    6144:aN0yr1sO/wIKS0FKtOT/OrDtgUi0uvQee7Qee/0QeesQeeglQeekQeeDC7M3HCRB:aG6wndYtamDSU1MHCRflb

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks