Overview

overview

10

Static

static

3

ad02bd63c5...18.exe

windows7-x64

10

ad02bd63c5...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad02bd63c55b08e4f74e2eaeceb3795a_JaffaCakes118

  • Size

    288KB

  • Sample

    240819-3ekk2a1fqg

  • MD5

    ad02bd63c55b08e4f74e2eaeceb3795a

  • SHA1

    e24afbbc3f21e92a5a8c1113697c1029c2f65f04

  • SHA256

    d2b2f8da6b60ca6991b91dc993374f2e294967d0aa926017a5cfec6aa344014f

  • SHA512

    9dc158995311391261d47084e6d87cab6480f646755c07b1048416ab00c6511bf8a0ebf4abd8f89bb8433424796c8d7a1b7c4aebdc9abcb421cf83d637e7f447

  • SSDEEP

    3072:/eAQAqT8OTi+iRSrpF/FWwNYuznxMmEsSbUN0R+OpN/iPqmT9:m3T8Z+iR4Z9uuzxhE9sdO3/YT9

Score
10/10
ramnitbankerdiscoveryevasionspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      ad02bd63c55b08e4f74e2eaeceb3795a_JaffaCakes118

    • Size

      288KB

    • MD5

      ad02bd63c55b08e4f74e2eaeceb3795a

    • SHA1

      e24afbbc3f21e92a5a8c1113697c1029c2f65f04

    • SHA256

      d2b2f8da6b60ca6991b91dc993374f2e294967d0aa926017a5cfec6aa344014f

    • SHA512

      9dc158995311391261d47084e6d87cab6480f646755c07b1048416ab00c6511bf8a0ebf4abd8f89bb8433424796c8d7a1b7c4aebdc9abcb421cf83d637e7f447

    • SSDEEP

      3072:/eAQAqT8OTi+iRSrpF/FWwNYuznxMmEsSbUN0R+OpN/iPqmT9:m3T8Z+iR4Z9uuzxhE9sdO3/YT9

    Score
    10/10
    ramnitbankerdiscoveryspywarestealertrojanupxwormevasion

    • Modifies firewall policy service

      evasion

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks