Overview

overview

10

Static

static

1

aa05b8c6b2...8.html

windows7-x64

10

aa05b8c6b2...8.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aa05b8c6b2e1bdc0a9f32a35ba9b5944_JaffaCakes118

  • Size

    193KB

  • Sample

    240614-q59avsxblp

  • MD5

    aa05b8c6b2e1bdc0a9f32a35ba9b5944

  • SHA1

    cd6c9953899bcc5137b50149738c927c927c294c

  • SHA256

    400d796e5190bfcc1a64abec54906d6c531cd2bf3894b42e1a7cbd1434bb284f

  • SHA512

    76eb8089b30a42f44be23b0e99283bae76dcf808d28f830dfd0a7ec475ef0e3b84c1109e5c1817c7c3d73d35f0dd840b47f0b0d33c8e3cb8620f63e6263d2236

  • SSDEEP

    3072:SQWsTeyfkMY+BES09JXAnyrZalI+Ye47uM9f7UL:SpGsMYod+X3oI+Ye4pf7UL

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      aa05b8c6b2e1bdc0a9f32a35ba9b5944_JaffaCakes118

    • Size

      193KB

    • MD5

      aa05b8c6b2e1bdc0a9f32a35ba9b5944

    • SHA1

      cd6c9953899bcc5137b50149738c927c927c294c

    • SHA256

      400d796e5190bfcc1a64abec54906d6c531cd2bf3894b42e1a7cbd1434bb284f

    • SHA512

      76eb8089b30a42f44be23b0e99283bae76dcf808d28f830dfd0a7ec475ef0e3b84c1109e5c1817c7c3d73d35f0dd840b47f0b0d33c8e3cb8620f63e6263d2236

    • SSDEEP

      3072:SQWsTeyfkMY+BES09JXAnyrZalI+Ye47uM9f7UL:SpGsMYod+X3oI+Ye4pf7UL

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks