General
-
Target
197d7acb5047dc2ec5444777f4098d41_JaffaCakes118
-
Size
193KB
-
Sample
240628-kl8x4azhjc
-
MD5
197d7acb5047dc2ec5444777f4098d41
-
SHA1
9864742e3f5020411c2a161406e51400565b4181
-
SHA256
da9202fdc9e2719366f97439a963251c28d7c28da4d70bce4990b7ff0c3a65c8
-
SHA512
09c0d6ea15cfa1997d25e1173400899f46924e91566f63e50e9f1e6e41e5678b52a4f772b383c31b00e9918a4968791ed80fa8551afca80ab28a8255c8ab1714
-
SSDEEP
3072:S73MITL/9oSmkbx3ZtffjBTnIwanLMvt8qY1w6MQY0DzS:QdTpountf75Iwk7qyMQTG
Malware Config
Targets
-
-
Target
197d7acb5047dc2ec5444777f4098d41_JaffaCakes118
-
Size
193KB
-
MD5
197d7acb5047dc2ec5444777f4098d41
-
SHA1
9864742e3f5020411c2a161406e51400565b4181
-
SHA256
da9202fdc9e2719366f97439a963251c28d7c28da4d70bce4990b7ff0c3a65c8
-
SHA512
09c0d6ea15cfa1997d25e1173400899f46924e91566f63e50e9f1e6e41e5678b52a4f772b383c31b00e9918a4968791ed80fa8551afca80ab28a8255c8ab1714
-
SSDEEP
3072:S73MITL/9oSmkbx3ZtffjBTnIwanLMvt8qY1w6MQY0DzS:QdTpountf75Iwk7qyMQTG
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-