General
-
Target
1b492660af66d3abec3e0d4ea1eae510_JaffaCakes118
-
Size
92KB
-
Sample
240701-pkcwgs1fle
-
MD5
1b492660af66d3abec3e0d4ea1eae510
-
SHA1
1faefb5843f578aa742456329cfcb38bfc0ca3ac
-
SHA256
a2f381584d058302fd4906ece8624dff8a9f8c00ecee6e84ca70efad80be9381
-
SHA512
6d0f076a9a04bd310647b0457dd41e590e6c4b71aa9ea3144722e12dd0cd37d87501de58d1896644aff634554931d2a3412f0f776fefeecee84e8d9b4a5a78da
-
SSDEEP
1536:1VZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApET:lnxwgxgfR/DVG7wBpET
Malware Config
Targets
-
-
Target
1b492660af66d3abec3e0d4ea1eae510_JaffaCakes118
-
Size
92KB
-
MD5
1b492660af66d3abec3e0d4ea1eae510
-
SHA1
1faefb5843f578aa742456329cfcb38bfc0ca3ac
-
SHA256
a2f381584d058302fd4906ece8624dff8a9f8c00ecee6e84ca70efad80be9381
-
SHA512
6d0f076a9a04bd310647b0457dd41e590e6c4b71aa9ea3144722e12dd0cd37d87501de58d1896644aff634554931d2a3412f0f776fefeecee84e8d9b4a5a78da
-
SSDEEP
1536:1VZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApET:lnxwgxgfR/DVG7wBpET
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-