General

  • Target

    158ccbad9c0d11495d2a25bba0c0e984_JaffaCakes118

  • Size

    220KB

  • Sample

    241005-ba2vzawcrr

  • MD5

    158ccbad9c0d11495d2a25bba0c0e984

  • SHA1

    0b07d0b91017c4f897fa5fd029eefeb5f21de6dc

  • SHA256

    90796ea3ec667c4473b2d093c3ebc4183c5c76f56b59336443c403d674ad501e

  • SHA512

    6cd7a2a4ffaa7253d013c42d322832878c5c1047454bcc034e532b44b186885b2d2ab8f84e1c643b3d1230bb417c925c99a03c6028b69855144634e75f4d16e3

  • SSDEEP

    3072:J7naa9l+SUVuhfgWTzT9r9l1RxhcoeCXqRb27jU8xbT:J7n/lKmoWTzJrtrXkQjBbT

Malware Config

Targets

    • Target

      158ccbad9c0d11495d2a25bba0c0e984_JaffaCakes118

    • Size

      220KB

    • MD5

      158ccbad9c0d11495d2a25bba0c0e984

    • SHA1

      0b07d0b91017c4f897fa5fd029eefeb5f21de6dc

    • SHA256

      90796ea3ec667c4473b2d093c3ebc4183c5c76f56b59336443c403d674ad501e

    • SHA512

      6cd7a2a4ffaa7253d013c42d322832878c5c1047454bcc034e532b44b186885b2d2ab8f84e1c643b3d1230bb417c925c99a03c6028b69855144634e75f4d16e3

    • SSDEEP

      3072:J7naa9l+SUVuhfgWTzT9r9l1RxhcoeCXqRb27jU8xbT:J7n/lKmoWTzJrtrXkQjBbT

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks