Overview

overview

10

Static

static

3

JaffaCakes...13.dll

windows7-x64

10

JaffaCakes...13.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_07a3182e5b7a23fc280812f3626fc813

  • Size

    754KB

  • Sample

    250121-1chmjs1qaz

  • MD5

    07a3182e5b7a23fc280812f3626fc813

  • SHA1

    94131dd8f73672cb92bcc384bbd897f131fa3a96

  • SHA256

    3fa4b48aa56ba0eb7476b445a2c333f13ae0080f39d4803f4c34a95ca131e320

  • SHA512

    27dca3d3418a0ae92432c03c62873460b0e32a762bd1e5f195411d51c7200649e58797a465f1719ac9e65d061bbf04feff4fd1126fdf4d6deada78344a83225a

  • SSDEEP

    12288:4NIyZN4+Wv4PLq6Okrh9ZN/hs9DsdzvCIKFdq3VPIdrV:49TPmirh9Zdh6MvCbdq3arV

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_07a3182e5b7a23fc280812f3626fc813

    • Size

      754KB

    • MD5

      07a3182e5b7a23fc280812f3626fc813

    • SHA1

      94131dd8f73672cb92bcc384bbd897f131fa3a96

    • SHA256

      3fa4b48aa56ba0eb7476b445a2c333f13ae0080f39d4803f4c34a95ca131e320

    • SHA512

      27dca3d3418a0ae92432c03c62873460b0e32a762bd1e5f195411d51c7200649e58797a465f1719ac9e65d061bbf04feff4fd1126fdf4d6deada78344a83225a

    • SSDEEP

      12288:4NIyZN4+Wv4PLq6Okrh9ZN/hs9DsdzvCIKFdq3VPIdrV:49TPmirh9Zdh6MvCbdq3arV

    Score
    10/10
    ramnitbankerdiscoveryspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks