Overview

overview

10

Static

static

3

JaffaCakes...40.exe

windows7-x64

3

JaffaCakes...40.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_76f7139b546702647aee7f0c44078140

  • Size

    127KB

  • Sample

    250104-cgbsssvpgw

  • MD5

    76f7139b546702647aee7f0c44078140

  • SHA1

    0d83a6d83ed15b4ac5eb350e09d8527eb0d5a5a2

  • SHA256

    91af4b6c1c4abcfde6916d50b04985c3fc1b01aa5d0244117a6c587b46e6dd23

  • SHA512

    4fa9e39698e896894946e1b6c29d81a82b34226525ad19cc70ad0be37c75d49f0121ed7a90257bb6196c36e351dae50a654e3ead184993fdf1f2e5c2d81af59d

  • SSDEEP

    3072:QkVDcBSqao9c3HwsanTdgyOxsP+f+PciSn6H:mSqjc3HsTaxoqd6H

Score
10/10
ramnitbankerdiscoveryevasionspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_76f7139b546702647aee7f0c44078140

    • Size

      127KB

    • MD5

      76f7139b546702647aee7f0c44078140

    • SHA1

      0d83a6d83ed15b4ac5eb350e09d8527eb0d5a5a2

    • SHA256

      91af4b6c1c4abcfde6916d50b04985c3fc1b01aa5d0244117a6c587b46e6dd23

    • SHA512

      4fa9e39698e896894946e1b6c29d81a82b34226525ad19cc70ad0be37c75d49f0121ed7a90257bb6196c36e351dae50a654e3ead184993fdf1f2e5c2d81af59d

    • SSDEEP

      3072:QkVDcBSqao9c3HwsanTdgyOxsP+f+PciSn6H:mSqjc3HsTaxoqd6H

    Score
    10/10
    discoveryramnitbankerevasionspywarestealertrojanupxworm

    • Modifies firewall policy service

      evasion

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks