General

  • Target

    12743627e9cf2d6a9d32ba1e339f9d77_JaffaCakes118

  • Size

    167KB

  • Sample

    240626-srvxestaqj

  • MD5

    12743627e9cf2d6a9d32ba1e339f9d77

  • SHA1

    00299809f84f01c5ceef514506d2e3925a659222

  • SHA256

    dd7263bc8325236086c8d7f2baa2d1b11b1d4fb90a83c1766a7ba5271636cd3e

  • SHA512

    991fa0e48ad67a9c28719e6784667aeac259d643d39ff962d18c1334de1e7384142230bf0be049719d4bc78f9d153aa88369a77dbb10e61370ee4c3205a280ef

  • SSDEEP

    1536:RNpbWTono2PF9yJH9KBjH7ZoSQoL+Qz6AxAvf/PqhXnzyP5xC1VXfbJpeU4KyQ5n:odKFOoL16AOHHCRQU4S5GBWVLV

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
