General
-
Target
JaffaCakes118_83faa932776941d39b8fa3962b6b3264
-
Size
92KB
-
Sample
250116-2vlmlasqe1
-
MD5
83faa932776941d39b8fa3962b6b3264
-
SHA1
37726030a9d3c8892eaa453aeb2e15328c32e82e
-
SHA256
118807737126b745c34c2ed098e322d368116dd83c8354a8742185eabb521e9d
-
SHA512
5ff2dc5f4a430a6dab617a59028699586f4e77cc535d0b19fbf1a0efd5b01ff87148f510d7e0578b064a8513d31a9cb047c93e29fcdf032464b6f33334c106b9
-
SSDEEP
1536:QVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:gnxwgxgfR/DVG7wBpE
Malware Config
Targets
-
-
Target
JaffaCakes118_83faa932776941d39b8fa3962b6b3264
-
Size
92KB
-
MD5
83faa932776941d39b8fa3962b6b3264
-
SHA1
37726030a9d3c8892eaa453aeb2e15328c32e82e
-
SHA256
118807737126b745c34c2ed098e322d368116dd83c8354a8742185eabb521e9d
-
SHA512
5ff2dc5f4a430a6dab617a59028699586f4e77cc535d0b19fbf1a0efd5b01ff87148f510d7e0578b064a8513d31a9cb047c93e29fcdf032464b6f33334c106b9
-
SSDEEP
1536:QVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:gnxwgxgfR/DVG7wBpE
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-