General

  • Target

    0efa3c02af556fbfac0fb3f34ba5d212_JaffaCakes118

  • Size

    200KB

  • Sample

    241003-l8jgdswhll

  • MD5

    0efa3c02af556fbfac0fb3f34ba5d212

  • SHA1

    8aa2c84bae463e49006a6526d8faa46de2444adc

  • SHA256

    f566a830226a372513227249d43ee2f75eb05d8c3a20f311d033d51d439793ca

  • SHA512

    1f6a33f5fdfef18464b9ecf3a0dc918abf4057ddf78011fb91fdb11bc28b5b4d66ed4dce5a3579995f669142d112299083da58f68b7a0d6f6e30ed064f479458

  • SSDEEP

    3072:f0q0LA67ygN3R3zsc3rM7xCpGjzHn/MMEQtKG3OE3pCZibubeO:cq0LX/3wRzPnk4tKG+E3pCob3O

Targets

    • Target

      0efa3c02af556fbfac0fb3f34ba5d212_JaffaCakes118

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.