Overview

overview

10

Static

static

3

JaffaCakes...68.dll

windows7-x64

7

JaffaCakes...68.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0abe17baba15b8722dc8b5a15594cc68

  • Size

    690KB

  • Sample

    250122-f5xlyszqgz

  • MD5

    0abe17baba15b8722dc8b5a15594cc68

  • SHA1

    db4d32809b6b7c6b39203e6864e8284673208855

  • SHA256

    7e53ca1ef7bfa58626c411efd6349ef113cbc71b14434edd5ef97e2b141d3150

  • SHA512

    dcf244923f310811a5e8221631bc7f71186248bbd83c731611a3cf6a0f7ffcb7ceef03df5cd4e6485b70cb899fc41dfdcebd6f6a7d62526e8406667cf91a42c8

  • SSDEEP

    12288:hE7NiOLg18+1/hv5VEipyz7mTWWa8afR2ftuD1xbmiU90V2arh:hE3+F5GipwuWWpj+OMrh

Score
10/10
ramnitbankerdiscoveryspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_0abe17baba15b8722dc8b5a15594cc68

    • Size

      690KB

    • MD5

      0abe17baba15b8722dc8b5a15594cc68

    • SHA1

      db4d32809b6b7c6b39203e6864e8284673208855

    • SHA256

      7e53ca1ef7bfa58626c411efd6349ef113cbc71b14434edd5ef97e2b141d3150

    • SHA512

      dcf244923f310811a5e8221631bc7f71186248bbd83c731611a3cf6a0f7ffcb7ceef03df5cd4e6485b70cb899fc41dfdcebd6f6a7d62526e8406667cf91a42c8

    • SSDEEP

      12288:hE7NiOLg18+1/hv5VEipyz7mTWWa8afR2ftuD1xbmiU90V2arh:hE3+F5GipwuWWpj+OMrh

    Score
    10/10
    discoveryramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks