General
-
Target
JaffaCakes118_e8c2d07000ad1239b2215311f5a4c226
-
Size
93KB
-
Sample
250120-qpl6ds1lhs
-
MD5
e8c2d07000ad1239b2215311f5a4c226
-
SHA1
27eb7111d838ca2ccd896592674d9efc46007178
-
SHA256
144028aa29e08af492ee6f3fc2a9ae547080c7f80021ae341b08776ddd1b88a3
-
SHA512
50023fa3618395ec64f16da251d4dad48173b6d083a65090fd20202c8e0a425482422e08f95c2f7d155bd04ad24696e21e78bb6fddbd63afbd49accb1b64ec74
-
SSDEEP
1536:aVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:qnxwgxgfR/DVG7wBpE
Malware Config
Targets
-
-
Target
JaffaCakes118_e8c2d07000ad1239b2215311f5a4c226
-
Size
93KB
-
MD5
e8c2d07000ad1239b2215311f5a4c226
-
SHA1
27eb7111d838ca2ccd896592674d9efc46007178
-
SHA256
144028aa29e08af492ee6f3fc2a9ae547080c7f80021ae341b08776ddd1b88a3
-
SHA512
50023fa3618395ec64f16da251d4dad48173b6d083a65090fd20202c8e0a425482422e08f95c2f7d155bd04ad24696e21e78bb6fddbd63afbd49accb1b64ec74
-
SSDEEP
1536:aVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:qnxwgxgfR/DVG7wBpE
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-