General
-
Target
1bc1ec8789758ea996e78b7be429ee06_JaffaCakes118
-
Size
132KB
-
Sample
240701-vbza1ssgkk
-
MD5
1bc1ec8789758ea996e78b7be429ee06
-
SHA1
7e52a3f078a0fc3cf522f06a14406a5db6a5cc8d
-
SHA256
622ace3bd4b8fe20fccc53365a4c9189af3482a000b56ac7576aef7d1e9af780
-
SHA512
f1a28f8a66dbfc79239e7107ac6fc3fda18f9a267af85086af844a0eaeb7cc9bac6b2fec06d29f6735685fa847368689e4e61d251385497e7e685f58eed1b6df
-
SSDEEP
3072:po6nwLqrSa4I+VC2L99ZgyXf9MWebpjMGlDCdrv:W6ux7vBsGdv
Malware Config
Targets
-
-
Target
1bc1ec8789758ea996e78b7be429ee06_JaffaCakes118
-
Size
132KB
-
MD5
1bc1ec8789758ea996e78b7be429ee06
-
SHA1
7e52a3f078a0fc3cf522f06a14406a5db6a5cc8d
-
SHA256
622ace3bd4b8fe20fccc53365a4c9189af3482a000b56ac7576aef7d1e9af780
-
SHA512
f1a28f8a66dbfc79239e7107ac6fc3fda18f9a267af85086af844a0eaeb7cc9bac6b2fec06d29f6735685fa847368689e4e61d251385497e7e685f58eed1b6df
-
SSDEEP
3072:po6nwLqrSa4I+VC2L99ZgyXf9MWebpjMGlDCdrv:W6ux7vBsGdv
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-