Overview

overview

10

Static

static

1

a3c1901b49...8.html

windows7-x64

10

a3c1901b49...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a3c1901b49afa17768d11ae100ab6dfd_JaffaCakes118

  • Size

    133KB

  • Sample

    240613-ejhegaxclm

  • MD5

    a3c1901b49afa17768d11ae100ab6dfd

  • SHA1

    485f7bd513737d968ba7bf0dbf2608649248749c

  • SHA256

    f796de4c2ebb7ac8653ee2818a4dd7628744afabf05dd41a8ecc66027a6ac5a5

  • SHA512

    433ecf6ddde681bb936e19eadd9a7f0d4e784e1b540ee386e0eaa417a5d95bca4c114fca7250e30bcc4fae642b7c9b9ad3cbf94e57a054df704b293a31e59adf

  • SSDEEP

    3072:ajZb24yfkMY+BES09JXAnyrZalI+YOE8D:JsMYod+X3oI+YOEq

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      a3c1901b49afa17768d11ae100ab6dfd_JaffaCakes118

    • Size

      133KB

    • MD5

      a3c1901b49afa17768d11ae100ab6dfd

    • SHA1

      485f7bd513737d968ba7bf0dbf2608649248749c

    • SHA256

      f796de4c2ebb7ac8653ee2818a4dd7628744afabf05dd41a8ecc66027a6ac5a5

    • SHA512

      433ecf6ddde681bb936e19eadd9a7f0d4e784e1b540ee386e0eaa417a5d95bca4c114fca7250e30bcc4fae642b7c9b9ad3cbf94e57a054df704b293a31e59adf

    • SSDEEP

      3072:ajZb24yfkMY+BES09JXAnyrZalI+YOE8D:JsMYod+X3oI+YOEq

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks