ramnit | d450c1670548d8aa8f824db88d29551ec716eff4cfe1d5bada83fa7590333f6d | Triage

Submit
Reports

Overview

overview

Static

static

7

6b5af6ff48...18.dll

windows7-x64

6b5af6ff48...18.dll

windows10-2004-x64

Sharing

General

Target

6b5af6ff485715df9a63fc76c76c4638_JaffaCakes118
Size

143KB
Sample

240523-smpvlsfd5w
MD5

6b5af6ff485715df9a63fc76c76c4638
SHA1

4ca0ff9b30a432f2a07f4f3bfb50cb520d05d9ec
SHA256

d450c1670548d8aa8f824db88d29551ec716eff4cfe1d5bada83fa7590333f6d
SHA512

7a2e93e331b51a2ef21c1d80becf096fb352c48e5590babc7f00df96b7471d29cf90041b11c4a294df9b6ced956f3ac1e1159cd6137e17d712bd46494b8ebfb5
SSDEEP

3072:2HDp7pRuKjsir5HZFQGrsUwF7hplPoutjgmTVbXCW8Qnn4Fd5LOi:wRR5rhZFQGrsUwF7vlPoSTTrnn4PUi

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6b5af6ff485715df9a63fc76c76c4638_JaffaCakes118.dll

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

6b5af6ff485715df9a63fc76c76c4638_JaffaCakes118.dll

Resource

win10v2004-20240226-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  6b5af6ff485715df9a63fc76c76c4638_JaffaCakes118
- Size
  
  143KB
- MD5
  
  6b5af6ff485715df9a63fc76c76c4638
- SHA1
  
  4ca0ff9b30a432f2a07f4f3bfb50cb520d05d9ec
- SHA256
  
  d450c1670548d8aa8f824db88d29551ec716eff4cfe1d5bada83fa7590333f6d
- SHA512
  
  7a2e93e331b51a2ef21c1d80becf096fb352c48e5590babc7f00df96b7471d29cf90041b11c4a294df9b6ced956f3ac1e1159cd6137e17d712bd46494b8ebfb5
- SSDEEP
  
  3072:2HDp7pRuKjsir5HZFQGrsUwF7hplPoutjgmTVbXCW8Qnn4Fd5LOi:wRR5rhZFQGrsUwF7vlPoSTTrnn4PUi
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy