Overview

overview

10

Static

static

3

JaffaCakes...00.dll

windows7-x64

10

JaffaCakes...00.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_49994990f4730dd51cb0b3acaad07a00

  • Size

    184KB

  • Sample

    250101-gmqalayqgj

  • MD5

    49994990f4730dd51cb0b3acaad07a00

  • SHA1

    b9e420d4da45abd56557e53ce182491b888be11f

  • SHA256

    25bd9427ecce35b26fbf2983d3b682e7a38009bbbce5972c795992081be0b718

  • SHA512

    17c3becd4f709db32933d9105fa98eddf2c5df7aa225dc5f58900ee533e437db6515ca70ccaafc11ee3b0ac158018541b9fe33df781f371cd324003a9a1103d0

  • SSDEEP

    3072:LeuJVTztyP0fWycQyqrRpoiYHBK6Q/vXF9Zpf6LFv9JfA96:L/zgcA/qc0tR6ZHf

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_49994990f4730dd51cb0b3acaad07a00

    • Size

      184KB

    • MD5

      49994990f4730dd51cb0b3acaad07a00

    • SHA1

      b9e420d4da45abd56557e53ce182491b888be11f

    • SHA256

      25bd9427ecce35b26fbf2983d3b682e7a38009bbbce5972c795992081be0b718

    • SHA512

      17c3becd4f709db32933d9105fa98eddf2c5df7aa225dc5f58900ee533e437db6515ca70ccaafc11ee3b0ac158018541b9fe33df781f371cd324003a9a1103d0

    • SSDEEP

      3072:LeuJVTztyP0fWycQyqrRpoiYHBK6Q/vXF9Zpf6LFv9JfA96:L/zgcA/qc0tR6ZHf

    Score
    10/10
    ramnitbankerdiscoveryspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks