Overview

overview

10

Static

static

1

062ee06be1...8.html

windows7-x64

10

062ee06be1...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    062ee06be1169bfeb121435f94ae6e68_JaffaCakes118

  • Size

    386KB

  • Sample

    240428-13kvlaag5t

  • MD5

    062ee06be1169bfeb121435f94ae6e68

  • SHA1

    7e641d18cf7455d6519aeb0ea87c93545f4ba874

  • SHA256

    4a17a3905084843c2fbea01a5918fd5bf1d1b3a1375c3d1ac5f006eb56cb4a04

  • SHA512

    a3bd05029b9abbb5a35bfc02a88e65b1cc3d8bca5ef12091e8165a261b2f924a51f6022d1ae90ba41ee2aacc93b6b6c44fce7fc4aa6af9b47a49735ec5d9f699

  • SSDEEP

    6144:xdsMYod+X3oI+YmZuuShKGsMYod+X3oI+YmZuuShKS:v5d+X3gJU5d+X3gJC

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      062ee06be1169bfeb121435f94ae6e68_JaffaCakes118

    • Size

      386KB

    • MD5

      062ee06be1169bfeb121435f94ae6e68

    • SHA1

      7e641d18cf7455d6519aeb0ea87c93545f4ba874

    • SHA256

      4a17a3905084843c2fbea01a5918fd5bf1d1b3a1375c3d1ac5f006eb56cb4a04

    • SHA512

      a3bd05029b9abbb5a35bfc02a88e65b1cc3d8bca5ef12091e8165a261b2f924a51f6022d1ae90ba41ee2aacc93b6b6c44fce7fc4aa6af9b47a49735ec5d9f699

    • SSDEEP

      6144:xdsMYod+X3oI+YmZuuShKGsMYod+X3oI+YmZuuShKS:v5d+X3gJU5d+X3gJC

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks