Overview

overview

10

Static

static

3

da5e08c835...18.dll

windows7-x64

7

da5e08c835...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da5e08c835cbd0bf80dbf9a2cd03d2ab_JaffaCakes118

  • Size

    576KB

  • Sample

    240911-pvzg8s1dqa

  • MD5

    da5e08c835cbd0bf80dbf9a2cd03d2ab

  • SHA1

    3f922606a69c973a70ccbadd8a4d5001e86ae8da

  • SHA256

    f0bd69c97367ac040106a971f3dcaa421b5c063b5fe036ebb31996509709f4fd

  • SHA512

    e740c06490765ac52a4c89794a2dbeb2955ff0c183dfd48c54844bde102a8ae84615b9ed5801d90eea43d3626578ecc938444159e32f0e2ff88315689fd22e9f

  • SSDEEP

    6144:CZLT3A5Dp0HvFIc5vBlcQGSgS62iiiiiSySYSGS+8c8c8AAANA/AA0fMGrgPhcl/:CZL7A5l0711g8onrOcWAqVv+S8

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      da5e08c835cbd0bf80dbf9a2cd03d2ab_JaffaCakes118

    • Size

      576KB

    • MD5

      da5e08c835cbd0bf80dbf9a2cd03d2ab

    • SHA1

      3f922606a69c973a70ccbadd8a4d5001e86ae8da

    • SHA256

      f0bd69c97367ac040106a971f3dcaa421b5c063b5fe036ebb31996509709f4fd

    • SHA512

      e740c06490765ac52a4c89794a2dbeb2955ff0c183dfd48c54844bde102a8ae84615b9ed5801d90eea43d3626578ecc938444159e32f0e2ff88315689fd22e9f

    • SSDEEP

      6144:CZLT3A5Dp0HvFIc5vBlcQGSgS62iiiiiSySYSGS+8c8c8AAANA/AA0fMGrgPhcl/:CZL7A5l0711g8onrOcWAqVv+S8

    Score
    10/10
    discoveryramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks