General
-
Target
f04cb3a991002dad8c1da1cc239e8d2a_JaffaCakes118
-
Size
468KB
-
Sample
241214-x2tvbstkfn
-
MD5
f04cb3a991002dad8c1da1cc239e8d2a
-
SHA1
29f74b97a0d20691b904954c6941657cb9da0906
-
SHA256
7e5833acd8f5773bae6b800c7a0ba78d52641ea7ce1108f5a22f64f01db07342
-
SHA512
90b55ebc79ca057199e46017352533f17ab0558e8b96ebd314c614da9433f3ecd72be66420fc61bf518da663595a4e8f9522bbd70ae69dbfb10a7b287a988f10
-
SSDEEP
12288:coz83OtIEzW+/m/AyF7bCrO/ExF16u5ktOqk:xbIEzW+/m/rF7kc813eOqk
Malware Config
Targets
-
-
Target
f04cb3a991002dad8c1da1cc239e8d2a_JaffaCakes118
-
Size
468KB
-
MD5
f04cb3a991002dad8c1da1cc239e8d2a
-
SHA1
29f74b97a0d20691b904954c6941657cb9da0906
-
SHA256
7e5833acd8f5773bae6b800c7a0ba78d52641ea7ce1108f5a22f64f01db07342
-
SHA512
90b55ebc79ca057199e46017352533f17ab0558e8b96ebd314c614da9433f3ecd72be66420fc61bf518da663595a4e8f9522bbd70ae69dbfb10a7b287a988f10
-
SSDEEP
12288:coz83OtIEzW+/m/AyF7bCrO/ExF16u5ktOqk:xbIEzW+/m/rF7kc813eOqk
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-