General

  • Target

    7a009eddc6f5cc60026e507f467ec18c_JaffaCakes118

  • Size

    516KB

  • Sample

    241028-rjkwta1dnb

  • MD5

    7a009eddc6f5cc60026e507f467ec18c

  • SHA1

    56644c60795c5ac0cffdd370872a501b3dd0ad76

  • SHA256

    f107d2d8e4fed3ff51885c482c6764f5f95e810183f4a388b1c519abff29813b

  • SHA512

    3265e3d24b3962b0b505bb658b69fa011db02e469f7f4ba838c7bcc8d9ed2bbd5a051818d3c9eae7f805006498617ce6bb744d6f041de14c2bdb8b1c80ad4f2f

  • SSDEEP

    12288:eV7LMzw56Wx1Dk/qon6xyYhgPFaUVltU4jfvQjZz2:41oC3yWgPFxjfYF2

Targets

    • Target

      7a009eddc6f5cc60026e507f467ec18c_JaffaCakes118

    • Modifies Winlogon for persistence

      Writes a Winlogon registry value (typically Userinit or Shell under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon) so that the payload is launched at every interactive logon.

    • Ramnit

      Ramnit is a long-lived family whose variants include file-infecting viruses, removable-drive worms, and banking Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it. Modified builds often rename the UPX0/UPX1 sections, so the absence of those section names does not rule packing out.
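The checks a responder would run against the signatures above, as an added Python example (this is not code from the sandbox or from the report): confirm a suspect file is the sample by comparing its digests with the hashes listed in the report, scan the PE section table for UPX section names, and compare the Winlogon Userinit and Shell values with their stock defaults. The minimal PE image and the registry values at the bottom are constructed for demonstration only; they are neither the sample nor a real host. SSDEEP comparison is left out because it needs the separate ssdeep package.

```python
"""Triage helpers for the report above (added example, not the sandbox's code)."""
import hashlib
import struct

# Digests copied from the report's General section.
REPORT_HASHES = {
    "md5": "7a009eddc6f5cc60026e507f467ec18c",
    "sha1": "56644c60795c5ac0cffdd370872a501b3dd0ad76",
    "sha256": "f107d2d8e4fed3ff51885c482c6764f5f95e810183f4a388b1c519abff29813b",
    "sha512": "3265e3d24b3962b0b505bb658b69fa011db02e469f7f4ba838c7bcc8d9ed2bbd"
              "5a051818d3c9eae7f805006498617ce6bb744d6f041de14c2bdb8b1c80ad4f2f",
}

# Stock values on a Windows 7/10/11 install (assumption: compare case-insensitively,
# ignoring the trailing comma Windows keeps on Userinit).
WINLOGON_DEFAULTS = {
    "Userinit": r"C:\Windows\system32\userinit.exe,",
    "Shell": "explorer.exe",
}


def verify_hashes(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Return {algorithm: True/False} for every digest in `expected`."""
    return {alg: hashlib.new(alg, data).hexdigest() == digest.lower()
            for alg, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names; [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if len(data) < pe_off + 24 or data[pe_off:pe_off + 4] != b"PE\0\0":
        return []
    n_sections = struct.unpack_from("<H", data, pe_off + 6)[0]      # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]       # COFF SizeOfOptionalHeader
    table = pe_off + 24 + opt_size                                   # section table follows the optional header
    names = []
    for i in range(n_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]               # IMAGE_SECTION_HEADER.Name
        if len(raw) < 8:
            break                                                    # truncated table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1/UPX2; renamed sections defeat this check."""
    return any(name.upper().startswith("UPX") for name in pe_section_names(data))


def winlogon_anomalies(values: dict) -> dict:
    """Return the Winlogon values that differ from WINLOGON_DEFAULTS."""
    def norm(s: str) -> str:
        return s.strip().rstrip(",").lower()
    return {name: values[name] for name, default in WINLOGON_DEFAULTS.items()
            if name in values and norm(values[name]) != norm(default)}


def read_winlogon() -> dict:
    """On a Windows host, read Userinit and Shell from the live registry (not used in the demo)."""
    import winreg  # only available on Windows
    key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
                         r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon")
    out = {}
    for name in WINLOGON_DEFAULTS:
        try:
            out[name] = winreg.QueryValueEx(key, name)[0]
        except FileNotFoundError:
            pass
    return out


def build_demo_pe(section_names) -> bytes:
    """Constructed, non-runnable PE image with the given section names (demo input only)."""
    pe_off = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", pe_off)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + coff + sections


if __name__ == "__main__":
    demo = build_demo_pe(["UPX0", "UPX1", ".rsrc"])
    print("matches report:", verify_hashes(demo))          # all False: the demo is not the sample
    print("sections:", pe_section_names(demo), "UPX:", looks_upx_packed(demo))
    # Constructed registry values: a second binary appended to Userinit is the classic pattern.
    tampered = {"Userinit": r"C:\Windows\system32\userinit.exe,C:\Users\Public\svchost.exe",
                "Shell": "explorer.exe"}
    print("winlogon anomalies:", winlogon_anomalies(tampered))
```

Run it against the real file by replacing `demo` with `open(path, "rb").read()`; every entry of `verify_hashes` must be True before any of the other findings in the report can be attributed to that file. Treat a clean `looks_upx_packed` result as inconclusive for the reason given under the UPX signature.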
