General
-
Target
JaffaCakes118_6db05eaa57b8fe2cf1571c82961907a6
-
Size
139KB
-
Sample
250103-s51ptstrcp
-
MD5
6db05eaa57b8fe2cf1571c82961907a6
-
SHA1
34ba14425af541e3ec6919bc91eeed07678a7752
-
SHA256
734fb4f53d07350313ccde0b366f37dce5f4bc4a7fffeb173d13a9b54d3a2fea
-
SHA512
cb3c575f94a04b65c292984e0f0a2c8cd2542f9519d3ac52270f71a0671f981bd02cdc04db605241ceb7c96284f6b7bb325030d3a5861e44dcf0199a6f09d5bd
-
SSDEEP
3072:8nxwgxgfR/DVG7wBpEsNDj4AYK66VklRJ:A+xDVG0BpV3o6VkDJ
Malware Config
Targets
-
-
Target
JaffaCakes118_6db05eaa57b8fe2cf1571c82961907a6
-
Size
139KB
-
MD5
6db05eaa57b8fe2cf1571c82961907a6
-
SHA1
34ba14425af541e3ec6919bc91eeed07678a7752
-
SHA256
734fb4f53d07350313ccde0b366f37dce5f4bc4a7fffeb173d13a9b54d3a2fea
-
SHA512
cb3c575f94a04b65c292984e0f0a2c8cd2542f9519d3ac52270f71a0671f981bd02cdc04db605241ceb7c96284f6b7bb325030d3a5861e44dcf0199a6f09d5bd
-
SSDEEP
3072:8nxwgxgfR/DVG7wBpEsNDj4AYK66VklRJ:A+xDVG0BpV3o6VkDJ
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-