General
-
Target
JaffaCakes118_6732633e1bc6d2e73502981ba32207c0
-
Size
586KB
-
Sample
250102-wzas1atmfr
-
MD5
6732633e1bc6d2e73502981ba32207c0
-
SHA1
252c599f0bca8f21993715458379a5cdd6fb1739
-
SHA256
91e0a363c3c1d3238d3d0a5bdb3d752d83c97bd74c647a8c510608c569bbbbbc
-
SHA512
35abde196a6bb1add814c25a7b9c5aff6827d99672a1e3448b9d362033ea1322f54aa14bb4e0c788161e48c0a76cc2ec1d8767828d82473cc5696f0898888b65
-
SSDEEP
12288:EOAPiyNf63XC0MKXVHRZCX6RnyUtNLSaa5+2M6XfuBG:ErP5flhKFHrSSyU+aa5+2M6PL
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6732633e1bc6d2e73502981ba32207c0.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
JaffaCakes118_6732633e1bc6d2e73502981ba32207c0
-
Ramnit family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-