Overview

overview

10

Static

static

1

66cf8b14c6...8.html

windows7-x64

10

66cf8b14c6...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66cf8b14c6f573e452f420b0a1172009_JaffaCakes118

  • Size

    350KB

  • Sample

    240522-lj7gxsah3x

  • MD5

    66cf8b14c6f573e452f420b0a1172009

  • SHA1

    745fffafc23023fa4a4ac7b3b31b577dfb62d0f7

  • SHA256

    bf02eefaa7c78eb2a3fb1fc2cab91e0498fb902649a9a0b2d826fae45a498454

  • SHA512

    535526838550210189204b79a9b83c8d703adce0eba886aa24524e2c400f70af1d8d2406aad41c5d9d1ff53bbe03fbaeb2b899fbc4503345378b8aaee9427661

  • SSDEEP

    6144:0CsMYod+X3oI+YksMYod+X3oI+YpsMYod+X3oI+YQ:b5d+X3I5d+X3v5d+X3+

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      66cf8b14c6f573e452f420b0a1172009_JaffaCakes118

    • Size

      350KB

    • MD5

      66cf8b14c6f573e452f420b0a1172009

    • SHA1

      745fffafc23023fa4a4ac7b3b31b577dfb62d0f7

    • SHA256

      bf02eefaa7c78eb2a3fb1fc2cab91e0498fb902649a9a0b2d826fae45a498454

    • SHA512

      535526838550210189204b79a9b83c8d703adce0eba886aa24524e2c400f70af1d8d2406aad41c5d9d1ff53bbe03fbaeb2b899fbc4503345378b8aaee9427661

    • SSDEEP

      6144:0CsMYod+X3oI+YksMYod+X3oI+YpsMYod+X3oI+YQ:b5d+X3I5d+X3v5d+X3+

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks