Overview

overview

10

Static

static

3

JaffaCakes...a0.dll

windows7-x64

10

JaffaCakes...a0.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_43198b92a059eb7dae8a5cb62ff178a0

  • Size

    481KB

  • Sample

    250101-ceagyszpfw

  • MD5

    43198b92a059eb7dae8a5cb62ff178a0

  • SHA1

    f5dec61070421f807e006497fe320675a9281b0a

  • SHA256

    203d270cd275fdb347981f5f4e8c53e9e8126f1f0b890dcf33204aaa681b23ce

  • SHA512

    aa4dae9e89426536566af520ffc2b50306f08143bb2d551732877146123f8af9ce8cfa0b4fd7463a934623fc7b8d30fb46bf223897b57420595f50b7b6556172

  • SSDEEP

    12288:/fPQCxgYD8G36od+nzDRpujoEHprlW4nEDqTvTZOOUNvDQ:HPBxZ6VQjOOWN

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_43198b92a059eb7dae8a5cb62ff178a0

    • Size

      481KB

    • MD5

      43198b92a059eb7dae8a5cb62ff178a0

    • SHA1

      f5dec61070421f807e006497fe320675a9281b0a

    • SHA256

      203d270cd275fdb347981f5f4e8c53e9e8126f1f0b890dcf33204aaa681b23ce

    • SHA512

      aa4dae9e89426536566af520ffc2b50306f08143bb2d551732877146123f8af9ce8cfa0b4fd7463a934623fc7b8d30fb46bf223897b57420595f50b7b6556172

    • SSDEEP

      12288:/fPQCxgYD8G36od+nzDRpujoEHprlW4nEDqTvTZOOUNvDQ:HPBxZ6VQjOOWN

    Score
    10/10
    ramnitbankerdiscoveryspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks