Overview

overview

10

Static

static

3

74dcc9626c...18.dll

windows7-x64

10

74dcc9626c...18.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    74dcc9626c36f9309ea8a8ba2ae2efec_JaffaCakes118

  • Size

    132KB

  • Sample

    240726-t6f79azdlq

  • MD5

    74dcc9626c36f9309ea8a8ba2ae2efec

  • SHA1

    37c1cda3c13fc1bee25318691b0e4fc3dd0de422

  • SHA256

    b64616fcc0c52422fe7089d3c1d70ceeaa8a106ae1e9b01063d0b0177720973a

  • SHA512

    4dd6be36671ab2f494dbf85b0f61d9d42e31890d5c8fc46d55c117b12c50a2602387ef2af6090709118556d297e9ea3020834b5fe87a6e17fccf708ed2221336

  • SSDEEP

    3072:ro6nwLqrSa4I+VCUgVr9kYaQBqaFM2oVhyAn1+F:k6ungVrwwM2uf1y

Score
10/10
ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      74dcc9626c36f9309ea8a8ba2ae2efec_JaffaCakes118

    • Size

      132KB

    • MD5

      74dcc9626c36f9309ea8a8ba2ae2efec

    • SHA1

      37c1cda3c13fc1bee25318691b0e4fc3dd0de422

    • SHA256

      b64616fcc0c52422fe7089d3c1d70ceeaa8a106ae1e9b01063d0b0177720973a

    • SHA512

      4dd6be36671ab2f494dbf85b0f61d9d42e31890d5c8fc46d55c117b12c50a2602387ef2af6090709118556d297e9ea3020834b5fe87a6e17fccf708ed2221336

    • SSDEEP

      3072:ro6nwLqrSa4I+VCUgVr9kYaQBqaFM2oVhyAn1+F:k6ungVrwwM2uf1y

    Score
    10/10
    ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks