General

  • Target

    10fb7fd283f6e9218994b12e0e376e18_JaffaCakes118

  • Size

    164KB

  • Sample

    241003-3xq6jaxbrb

  • MD5

    10fb7fd283f6e9218994b12e0e376e18

  • SHA1

    3908d9d627da59ef6e22bd11b75b6def7e7c0bff

  • SHA256

    cc897dcd0d0013e232564d73f36a272c1d87fed8e22746dcd6db580724c48eca

  • SHA512

    54810aa5a4fb23fc37e0eaa1ec03ce407afdf4219bd7283f283297dccfb05dc2099654b22832b297a23f6c5175f513b273f2777b05dbaeed1d1e147db8b1b2f4

  • SSDEEP

    3072:zibTTp78CcWGszTFvRwKGO2H0Qr7rjWx7RMna6PtowM:cT14RMVRwVr7gSn5owM

Targets

    • Target

      10fb7fd283f6e9218994b12e0e376e18_JaffaCakes118

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.
