Overview

overview

10

Static

static

1

705734c3bc...8.html

windows7-x64

10

705734c3bc...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    705734c3bc0032281dc38a342c4f83bf_JaffaCakes118

  • Size

    176KB

  • Sample

    240525-a6s29sgf6s

  • MD5

    705734c3bc0032281dc38a342c4f83bf

  • SHA1

    4833968b54c58c03e6cee98dd0c7a3784ac685dd

  • SHA256

    45f3e2a5e043fd3c4f18f2f7a8fff6ba993747a2a25b660df9d492e3b9f393d3

  • SHA512

    f7d01ec9bc245cf524914b67a89d37d9ce0af40ca0b0747d7b671787c6beef45873b28296fe26513d9be51a9f50468a71ad6bc7685e1f915fd5c380642f23358

  • SSDEEP

    3072:SJtb61lyfkMY+BES09JXAnyrZalI+YFrGOiDXev:SJtb61QsMYod+X3oI+YRGDev

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      705734c3bc0032281dc38a342c4f83bf_JaffaCakes118

    • Size

      176KB

    • MD5

      705734c3bc0032281dc38a342c4f83bf

    • SHA1

      4833968b54c58c03e6cee98dd0c7a3784ac685dd

    • SHA256

      45f3e2a5e043fd3c4f18f2f7a8fff6ba993747a2a25b660df9d492e3b9f393d3

    • SHA512

      f7d01ec9bc245cf524914b67a89d37d9ce0af40ca0b0747d7b671787c6beef45873b28296fe26513d9be51a9f50468a71ad6bc7685e1f915fd5c380642f23358

    • SSDEEP

      3072:SJtb61lyfkMY+BES09JXAnyrZalI+YFrGOiDXev:SJtb61QsMYod+X3oI+YRGDev

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks