Overview

overview

10

Static

static

3

JaffaCakes...90.dll

windows7-x64

10

JaffaCakes...90.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4e4498c8ef54e72c8cb53c52235fbd90

  • Size

    448KB

  • Sample

    250101-kgbf2azlg1

  • MD5

    4e4498c8ef54e72c8cb53c52235fbd90

  • SHA1

    9cfa43637f14a87de59832a9ea91485dabc163d8

  • SHA256

    aeac8e30227f84ddba7add2535f8821e13a65fb8b435aed2d1e1ebc849836384

  • SHA512

    91cfff553ecb03b0026e9979542bbc1659decdaf0c918a97fd743018eece53c7fe96cd7e05e37a1695937b3a5a1e7b0ad105bf52129d2afdb42b651d9543a963

  • SSDEEP

    6144:WcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE+miO:Woz83OtIEzW+/m/AyF7bCrO/Ev1j0WSC

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_4e4498c8ef54e72c8cb53c52235fbd90

    • Size

      448KB

    • MD5

      4e4498c8ef54e72c8cb53c52235fbd90

    • SHA1

      9cfa43637f14a87de59832a9ea91485dabc163d8

    • SHA256

      aeac8e30227f84ddba7add2535f8821e13a65fb8b435aed2d1e1ebc849836384

    • SHA512

      91cfff553ecb03b0026e9979542bbc1659decdaf0c918a97fd743018eece53c7fe96cd7e05e37a1695937b3a5a1e7b0ad105bf52129d2afdb42b651d9543a963

    • SSDEEP

      6144:WcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE+miO:Woz83OtIEzW+/m/AyF7bCrO/Ev1j0WSC

    Score
    10/10
    ramnitbankerdiscoveryspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks