Overview

overview

10

Static

static

3

JaffaCakes...65.exe

windows7-x64

10

JaffaCakes...65.exe

windows10-2004-x64

10

Resubmissions

12-01-2025 13:33

250112-qtg28swrbk 10

12-01-2025 13:25

250112-qpa35atnfx 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0fb52c17731f71c5bca22d7d23ab0565

  • Size

    93KB

  • Sample

    250112-qpa35atnfx

  • MD5

    0fb52c17731f71c5bca22d7d23ab0565

  • SHA1

    be62a433328c07a53927b9dabf5a9e003b604693

  • SHA256

    2d4e5c52be020c2098a2e06d105136d54fd75c50c08ea2ba5c322f051b750caa

  • SHA512

    2c153ac9f6dc4f5987f0205c527351892316dbed86c7bb8204cb3d1a43e6658743ad5883e184239924680e0fc7093ff94fb71d33fa9304f482ffeec87c950453

  • SSDEEP

    1536:dVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:tnxwgxgfR/DVG7wBpE

Score
10/10
ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_0fb52c17731f71c5bca22d7d23ab0565

    • Size

      93KB

    • MD5

      0fb52c17731f71c5bca22d7d23ab0565

    • SHA1

      be62a433328c07a53927b9dabf5a9e003b604693

    • SHA256

      2d4e5c52be020c2098a2e06d105136d54fd75c50c08ea2ba5c322f051b750caa

    • SHA512

      2c153ac9f6dc4f5987f0205c527351892316dbed86c7bb8204cb3d1a43e6658743ad5883e184239924680e0fc7093ff94fb71d33fa9304f482ffeec87c950453

    • SSDEEP

      1536:dVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:tnxwgxgfR/DVG7wBpE

    Score
    10/10
    ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks