General
-
Target
18b8092580933c69ec5cdc4a6d9e069d_JaffaCakes118
-
Size
140KB
-
Sample
240628-env65ashql
-
MD5
18b8092580933c69ec5cdc4a6d9e069d
-
SHA1
a1185d44fbbfe300cbe5e7ecfaa99d69df8e2c5f
-
SHA256
dfe70fe5d0b6e8a3e6047d61f2f30d24133147eec6415d3714e428b4c1c42ed4
-
SHA512
516db724239ddd89d715e8cfa835eec5386849784aeef45ece8f96bd1c41d1b7a7f6fd9a2f38f743b8168be271c582817c591472d33adb6146953f8d4f1d1e60
-
SSDEEP
1536:MmtsAKVnqPXrV2JmlrH+xaCldfidXR7aWSHZ0nvIMM55fXPhlF3HtoIgxLn:MmexVnIRF+XfOR7M5mvIMIXhT3NjUn
Malware Config
Targets
-
-
Target
18b8092580933c69ec5cdc4a6d9e069d_JaffaCakes118
-
Size
140KB
-
MD5
18b8092580933c69ec5cdc4a6d9e069d
-
SHA1
a1185d44fbbfe300cbe5e7ecfaa99d69df8e2c5f
-
SHA256
dfe70fe5d0b6e8a3e6047d61f2f30d24133147eec6415d3714e428b4c1c42ed4
-
SHA512
516db724239ddd89d715e8cfa835eec5386849784aeef45ece8f96bd1c41d1b7a7f6fd9a2f38f743b8168be271c582817c591472d33adb6146953f8d4f1d1e60
-
SSDEEP
1536:MmtsAKVnqPXrV2JmlrH+xaCldfidXR7aWSHZ0nvIMM55fXPhlF3HtoIgxLn:MmexVnIRF+XfOR7M5mvIMIXhT3NjUn
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-