Overview

overview

10

Static

static

1

685b50a134...8.html

windows7-x64

10

685b50a134...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    685b50a1342f8093e12eeefd7c004e1a_JaffaCakes118

  • Size

    184KB

  • Sample

    240522-x6jvxsdg33

  • MD5

    685b50a1342f8093e12eeefd7c004e1a

  • SHA1

    8e4f7cf9f8809df31447bfa7766f474ced525935

  • SHA256

    b45b635198e7a1fecc3bf92d79f5a1b46baac79d79fb994e970fc9c9d2cbbf3a

  • SHA512

    352f46f9a5abc104e4e545336a69071c51bab6f0b6894657ab57dbb24ff6d465d2fa2d05e0d57f0bdc7991331b080e5dc216382a76fb6abd75aa674fa95546f8

  • SSDEEP

    3072:GF/6ijbwEayfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:GDsMYod+X3oI+YS1tA8

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      685b50a1342f8093e12eeefd7c004e1a_JaffaCakes118

    • Size

      184KB

    • MD5

      685b50a1342f8093e12eeefd7c004e1a

    • SHA1

      8e4f7cf9f8809df31447bfa7766f474ced525935

    • SHA256

      b45b635198e7a1fecc3bf92d79f5a1b46baac79d79fb994e970fc9c9d2cbbf3a

    • SHA512

      352f46f9a5abc104e4e545336a69071c51bab6f0b6894657ab57dbb24ff6d465d2fa2d05e0d57f0bdc7991331b080e5dc216382a76fb6abd75aa674fa95546f8

    • SSDEEP

      3072:GF/6ijbwEayfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:GDsMYod+X3oI+YS1tA8

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks