General

  • Target

    7a1616675b12bb07ed29c692dab8a25b_JaffaCakes118

  • Size

    120KB

  • Sample

    241028-r1q46azjgt

  • MD5

    7a1616675b12bb07ed29c692dab8a25b

  • SHA1

    62eb72a429b520645d8596e102a4b056a05b26c4

  • SHA256

    e6e9cf79ad3c207adf5a3bb661be067d4777ec331e044605a1d605ed08560eaa

  • SHA512

    239f9badc5864d6a0c25b3e12e15147c9acd6aaaf19c8f21c6dbf2c62a40c0389a437b83f02d0d3c72b9ccb2f41f3dec9a33a4db58dc885e3b928b2713b3cc4e

  • SSDEEP

    768:8Qxkwi2BsIqHpcrkMEYEhA7P4RhAtmaZFb79U9MKAjBEig6/1k21m3uHRdMNDj2Y:88kwiQTEhU4HDa1KkjWXUa21mc/Mue9

Targets

    • Target

      7a1616675b12bb07ed29c692dab8a25b_JaffaCakes118

    • Modifies WinLogon for persistence

      Alters values under the Winlogon registry key (for example Shell or Userinit) so the sample is launched on every user logon.

    • Ramnit

      Ramnit is a versatile malware family that combines file-infecting virus, worm and Trojan components.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
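
As an added example, not part of the sandbox report or the Ramnit family's code, the following stdlib-only Python performs three offline triage checks that correspond to items in the report: it verifies a file's digests against the MD5/SHA1/SHA256 values listed in the General section, applies the section-name and "UPX!" marker heuristic behind the "UPX packed file" signature, and compares exported Winlogon Shell/Userinit values against stock Windows defaults for the "Modifies WinLogon for persistence" signature. The PE bytes and the Winlogon values it runs on are constructed test input, and the dropped-file path in the Userinit value is hypothetical.

```python
"""Offline triage checks for three of the behaviours flagged in the report.

Added example (stdlib only); not the sandbox's or the malware's code.
The PE bytes and the Winlogon values below are constructed test input.
"""
import hashlib
import struct
import sys

# Digests exactly as listed in the General section of the report.
REPORTED = {
    "md5": "7a1616675b12bb07ed29c692dab8a25b",
    "sha1": "62eb72a429b520645d8596e102a4b056a05b26c4",
    "sha256": "e6e9cf79ad3c207adf5a3bb661be067d4777ec331e044605a1d605ed08560eaa",
}

# Stock values under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
WINLOGON_DEFAULTS = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe,",
}

# Constructed Winlogon export: a hypothetical dropped file appended to Userinit.
SAMPLE_WINLOGON = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe,C:\Windows\System32\example_dropped.exe",
}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Map each algorithm to True if data's digest matches the reported value."""
    return {algo: hashlib.new(algo, data).hexdigest() == digest.lower()
            for algo, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names (NULs stripped)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER follows "PE\0\0"
    n_sections, = struct.unpack_from("<H", data, coff + 2)
    opt_size, = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size             # first IMAGE_SECTION_HEADER (40 bytes each)
    return [data[table + i * 40:table + i * 40 + 8].rstrip(b"\0").decode("ascii", "replace")
            for i in range(n_sections)]


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 and writes a 'UPX!' marker; a modified
    build may rename the sections, so the marker alone is also accepted."""
    return any(n.startswith("UPX") for n in pe_section_names(data)) or b"UPX!" in data


def winlogon_persistence(values: dict) -> list:
    """Return (name, observed) for Winlogon values that deviate from the defaults."""
    findings = []
    for name, default in WINLOGON_DEFAULTS.items():
        observed = values.get(name, "")
        # Ignore case and the trailing comma Windows itself leaves on Userinit.
        if observed.strip().rstrip(",").lower() != default.rstrip(",").lower():
            findings.append((name, observed))
    return findings


def build_fake_pe(section_names, opt_size=0xE0, tail=b"") -> bytes:
    """Constructed, non-runnable PE skeleton (headers only) for exercising the parser."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + sections + tail


if __name__ == "__main__":
    if len(sys.argv) > 1:                      # real file: python triage.py sample.bin
        blob = open(sys.argv[1], "rb").read()
        print("hashes match report:", verify_hashes(blob, REPORTED))
    else:                                      # no file given: use the constructed skeleton
        blob = build_fake_pe(["UPX0", "UPX1", ".rsrc"], tail=b"UPX!")
    print("sections:", pe_section_names(blob))
    print("UPX heuristic:", looks_upx_packed(blob))
    print("Winlogon deviations:", winlogon_persistence(SAMPLE_WINLOGON))
```

The UPX check is a heuristic only: a repacked or manually renamed binary can defeat the section-name test, and the "UPX!" marker can appear in benign files, so treat a hit as a reason to unpack and look further, not as a verdict. The Winlogon check expects a dictionary built from the live key (for example from `reg query` output) rather than reading the registry itself, so it runs on any platform.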
