ramnit | eecbb29400d26df258e85aca9576a350d1f04ff40f747e59433a89f9a179654a | Triage

Submit
Reports

Overview

overview

Static

static

1

02e9d8adfe...8.html

windows7-x64

02e9d8adfe...8.html

windows10-2004-x64

1

Sharing

General

Target

02e9d8adfede32deadb459e937492d17_JaffaCakes118
Size

875KB
Sample

240427-k7zljsfd73
MD5

02e9d8adfede32deadb459e937492d17
SHA1

1993daa1dc983b7b1712030bd3e6b857008be3c7
SHA256

eecbb29400d26df258e85aca9576a350d1f04ff40f747e59433a89f9a179654a
SHA512

4d3abac9a48b61769a3861c330abfa6540993c9b65774caa8ee5a9d9a2a762ebaecfdb793ff6635930baadb807ec2349f25f7fcd4bcb1964800dbc381e6682a2
SSDEEP

12288:+5d+X30eK5d+X30en5d+X30eA5d+X30e85d+X30eE:8+Ueg+UeX+Ue6+Ue++UeE

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

02e9d8adfede32deadb459e937492d17_JaffaCakes118.html

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

02e9d8adfede32deadb459e937492d17_JaffaCakes118.html

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  02e9d8adfede32deadb459e937492d17_JaffaCakes118
- Size
  
  875KB
- MD5
  
  02e9d8adfede32deadb459e937492d17
- SHA1
  
  1993daa1dc983b7b1712030bd3e6b857008be3c7
- SHA256
  
  eecbb29400d26df258e85aca9576a350d1f04ff40f747e59433a89f9a179654a
- SHA512
  
  4d3abac9a48b61769a3861c330abfa6540993c9b65774caa8ee5a9d9a2a762ebaecfdb793ff6635930baadb807ec2349f25f7fcd4bcb1964800dbc381e6682a2
- SSDEEP
  
  12288:+5d+X30eK5d+X30en5d+X30eA5d+X30e85d+X30eE:8+Ueg+UeX+Ue6+Ue++UeE
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy