Overview

overview

10

Static

static

1

6c8068ba43...8.html

windows7-x64

10

6c8068ba43...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c8068ba43b28e6e14431f5e35b12eae_JaffaCakes118

  • Size

    158KB

  • Sample

    240523-2n3brsca31

  • MD5

    6c8068ba43b28e6e14431f5e35b12eae

  • SHA1

    7a65e61790207c9b27a68fa9ea8482a8abc13c9a

  • SHA256

    5feb48baba9d0464d767e949c399794302eb22239cc1f16f53e9386d379c870b

  • SHA512

    b7f4fc32e1183c28c74092bf9585e49a66526b683c350e1a1d1189e140f3f7081c700c68a7e27bbbd994a42d6ceeea709fed20d5994c2fb24e8879ff7350e28b

  • SSDEEP

    3072:i9p0emuoxKyfkMY+BES09JXAnyrZalI+YQ:in0emuoxvsMYod+X3oI+YQ

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      6c8068ba43b28e6e14431f5e35b12eae_JaffaCakes118

    • Size

      158KB

    • MD5

      6c8068ba43b28e6e14431f5e35b12eae

    • SHA1

      7a65e61790207c9b27a68fa9ea8482a8abc13c9a

    • SHA256

      5feb48baba9d0464d767e949c399794302eb22239cc1f16f53e9386d379c870b

    • SHA512

      b7f4fc32e1183c28c74092bf9585e49a66526b683c350e1a1d1189e140f3f7081c700c68a7e27bbbd994a42d6ceeea709fed20d5994c2fb24e8879ff7350e28b

    • SSDEEP

      3072:i9p0emuoxKyfkMY+BES09JXAnyrZalI+YQ:in0emuoxvsMYod+X3oI+YQ

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks