General

  • Target: 7b79f6f5f54abb39d7c5bf0c6ed3f42b_JaffaCakes118
  • Size: 516KB
  • Sample: 241029-cp5e3ssepe
  • MD5: 7b79f6f5f54abb39d7c5bf0c6ed3f42b
  • SHA1: 5e12676e78fa6410d14c0aeffd90b7c560e758e2
  • SHA256: cbe85c38e2178a567bc083519db5fd6093b9110c73471feebd69b3f3408a4e6d
  • SHA512: 97fd79c21815e2791dc06db85121b61ac860221ae622b71f8613681c4cc6d7d3f9e09c73229ec2e3e343785c70b4f7974c660e047df17c388524cc550e5d48cb
  • SSDEEP: 12288:FV7LMzw56Wx1Dk/qon6xyYhgPFaUVltODy5fK:V1oC3yWgPFMwfK

Targets

    • Target: 7b79f6f5f54abb39d7c5bf0c6ed3f42b_JaffaCakes118 (hashes as listed under General)

    • Modifies WinLogon for persistence

      The sample changes the Winlogon configuration so that its code is started at user logon. The report records the behaviour only; the value written is not shown. Winlogon persistence is normally set through the Userinit or Shell values under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, which is where a responder should compare against a known-good host.

    • Ramnit

      Ramnit is a long-running family that combines file-infecting virus, worm and Trojan behaviour; later variants add banking-fraud and backdoor components.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      The executable is packed with UPX or a modified UPX build. UPX is an open-source packer; a modified build is a common way to defeat the stock unpacker, so upx -d may fail and the payload may have to be dumped from memory instead.
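The hashes listed above are what a responder checks a suspect file against, and the UPX signature is one that can be confirmed from the PE section table before any dynamic analysis. The following Python script is an added example written for this page, not part of the sandbox report or of the Ramnit sample: it computes a file's MD5, SHA-1, SHA-256 and SHA-512, compares them with the report's hashes, and parses the PE section table for the UPX0/UPX1 names the stock packer leaves behind. The build_fake_pe helper constructs a minimal PE32 image so the script runs offline; it is not derived from the sample. SSDEEP is omitted because it needs the third-party ssdeep module.

```python
import hashlib
import struct
from typing import Dict, List, Set

# Hashes exactly as listed in the report above.
REPORT_IOCS: Dict[str, str] = {
    "md5": "7b79f6f5f54abb39d7c5bf0c6ed3f42b",
    "sha1": "5e12676e78fa6410d14c0aeffd90b7c560e758e2",
    "sha256": "cbe85c38e2178a567bc083519db5fd6093b9110c73471feebd69b3f3408a4e6d",
    "sha512": "97fd79c21815e2791dc06db85121b61ac860221ae622b71f8613681c4cc6d7d3f9e09c73229ec2e3e343785c70b4f7974c660e047df17c388524cc550e5d48cb",
}


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Hex digests in the four algorithms the report lists (SSDEEP needs a third-party module)."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256", "sha512")}


def match_iocs(hashes: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> Set[str]:
    """Return the algorithms whose digest matches the report; a hit on any one is enough to flag the file."""
    return {name for name, digest in hashes.items() if iocs.get(name, "").lower() == digest.lower()}


def pe_section_names(data: bytes) -> List[str]:
    """Walk MZ -> e_lfanew -> PE\\0\\0 -> COFF header -> section table and return the section names.

    Raises ValueError for anything that is not a well-formed PE, so truncated or
    non-PE input is reported instead of silently yielding an empty list.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    if len(data) < coff + 20:
        raise ValueError("truncated COFF header")
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_header_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_header_size  # section table follows the optional header
    names = []
    for i in range(num_sections):
        entry = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes; Name is its first 8
        raw = data[entry:entry + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def looks_upx_packed(section_names: List[str]) -> bool:
    """Stock UPX names its sections UPX0/UPX1 (UPX2 when resources are kept).

    A modified UPX build, which the report's signature also covers, may rename
    them, so False here does not prove the file is unpacked.
    """
    return any(name.startswith("UPX") for name in section_names)


def triage(data: bytes) -> Dict[str, object]:
    """Static first pass over one file image: hashes, IoC hits and packer hint."""
    hashes = compute_hashes(data)
    sections = pe_section_names(data)
    return {
        "hashes": hashes,
        "ioc_hits": match_iocs(hashes),
        "sections": sections,
        "upx_packed": looks_upx_packed(sections),
    }


def build_fake_pe(section_names: List[str]) -> bytes:
    """Constructed minimal PE32 image (not the sample) with the given section names, for offline runs."""
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header right after the DOS header
    optional = b"\0" * 0xE0  # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(optional), 0x0102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + table


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    for key, value in triage(data).items():
        print(f"{key}: {value}")
```

Run it as "python triage.py suspect.exe" to hash a real file against the listed indicators; with no argument it triages the constructed image, which hits none of the IoCs but is flagged as UPX-packed from its section names alone.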
