General
-
Target
JaffaCakes118_6bea8c5b38897c74a85cdb8ae47913eb
-
Size
380KB
-
Sample
250131-tv528ssphm
-
MD5
6bea8c5b38897c74a85cdb8ae47913eb
-
SHA1
8160e6176b55b24dce43c4ca1bcfd885976efdf0
-
SHA256
28aa2f2eba6f2153a4e0ea31cd38f77de627cd61e6edb368f7cbf2cfae022356
-
SHA512
4a14a83bd99736fc682684232ea36c0790ca8ccb6eb5ed08a9399ebda7a861d5c9fe05b929c97aa1d9236b5c31bd89f35cd73e6a1b131e237ff8d8323932f333
-
SSDEEP
6144:mhwcskkkkknffCp5CrRKlua3BowIpTSGI:awqqPowgx
Malware Config
Targets
-
-
Target
JaffaCakes118_6bea8c5b38897c74a85cdb8ae47913eb
-
Size
380KB
-
MD5
6bea8c5b38897c74a85cdb8ae47913eb
-
SHA1
8160e6176b55b24dce43c4ca1bcfd885976efdf0
-
SHA256
28aa2f2eba6f2153a4e0ea31cd38f77de627cd61e6edb368f7cbf2cfae022356
-
SHA512
4a14a83bd99736fc682684232ea36c0790ca8ccb6eb5ed08a9399ebda7a861d5c9fe05b929c97aa1d9236b5c31bd89f35cd73e6a1b131e237ff8d8323932f333
-
SSDEEP
6144:mhwcskkkkknffCp5CrRKlua3BowIpTSGI:awqqPowgx
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-