ramnit | d964afb2e08496352fa926912d9c6f6dc1d1a10bd13c4660ded4e81af1b4c030 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

23176c9bd0...8.html

windows7-x64

23176c9bd0...8.html

windows10-2004-x64

1

Sharing

General

Target

23176c9bd015f578adc37755551f98a6_JaffaCakes118
Size

569KB
Sample

240508-ejgg6sca94
MD5

23176c9bd015f578adc37755551f98a6
SHA1

36c20d5ff1d75a34aa447120413704b3f16f4a94
SHA256

d964afb2e08496352fa926912d9c6f6dc1d1a10bd13c4660ded4e81af1b4c030
SHA512

f4634beaf3bdf219cd78c996c08994f7fa0008d816659a950dc02c25f834272afa9b900222e2ed49edd6c7009ca84bf059e480b36685472e32c3cbec662d8e7d
SSDEEP

6144:ZgsMYod+X3oI+YNsMYod+X3oI+YRsMYod+X3oI+YlsMYod+X3oI+YGsMYod+X3oL:ZO5d+X3b5d+X3n5d+X3z5d+X3C5d+X3c

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

23176c9bd015f578adc37755551f98a6_JaffaCakes118.html

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

23176c9bd015f578adc37755551f98a6_JaffaCakes118.html

Resource

win10v2004-20240426-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  23176c9bd015f578adc37755551f98a6_JaffaCakes118
- Size
  
  569KB
- MD5
  
  23176c9bd015f578adc37755551f98a6
- SHA1
  
  36c20d5ff1d75a34aa447120413704b3f16f4a94
- SHA256
  
  d964afb2e08496352fa926912d9c6f6dc1d1a10bd13c4660ded4e81af1b4c030
- SHA512
  
  f4634beaf3bdf219cd78c996c08994f7fa0008d816659a950dc02c25f834272afa9b900222e2ed49edd6c7009ca84bf059e480b36685472e32c3cbec662d8e7d
- SSDEEP
  
  6144:ZgsMYod+X3oI+YNsMYod+X3oI+YRsMYod+X3oI+YlsMYod+X3oI+YGsMYod+X3oL:ZO5d+X3b5d+X3n5d+X3z5d+X3C5d+X3c
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy