General
-
Target
1f6a4a8f040c4644ab11566a49ed4fb8_JaffaCakes118
-
Size
119KB
-
Sample
240702-qc1s1stcla
-
MD5
1f6a4a8f040c4644ab11566a49ed4fb8
-
SHA1
df37d7c271967c5b2fa5a237b6b28c5b58a4e8fa
-
SHA256
6ee7624270fc52e13ef566339f8679267109b82ea89fa86289a4d59f23cd5b4e
-
SHA512
b6e967f1aeec32ed8e6562509da42e609577427aad145539f2ea110db1563d195a2202e57bb09fe15f2a2dbcb3584239ff6b16084f288c43607ee63a0a22fa13
-
SSDEEP
1536:/Znxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApEql/KHCQpmSKvobFP:hnxwgxgfR/DVG7wBpEw/i/cvoJP
Malware Config
Targets
-
-
Target
1f6a4a8f040c4644ab11566a49ed4fb8_JaffaCakes118
-
Size
119KB
-
MD5
1f6a4a8f040c4644ab11566a49ed4fb8
-
SHA1
df37d7c271967c5b2fa5a237b6b28c5b58a4e8fa
-
SHA256
6ee7624270fc52e13ef566339f8679267109b82ea89fa86289a4d59f23cd5b4e
-
SHA512
b6e967f1aeec32ed8e6562509da42e609577427aad145539f2ea110db1563d195a2202e57bb09fe15f2a2dbcb3584239ff6b16084f288c43607ee63a0a22fa13
-
SSDEEP
1536:/Znxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApEql/KHCQpmSKvobFP:hnxwgxgfR/DVG7wBpEw/i/cvoJP
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-