ramnit | a4e67f5cceb0fbdd7303b0032b40bf60833b30c5887c47a63e7190b61c502b1c | Triage

Submit
Reports

Overview

overview

Static

static

1

6da06abbd7...8.html

windows7-x64

6da06abbd7...8.html

windows10-2004-x64

1

Sharing

General

Target

6da06abbd74e0e46be034fa01a312bdc_JaffaCakes118
Size

194KB
Sample

240524-he7qcagf58
MD5

6da06abbd74e0e46be034fa01a312bdc
SHA1

7ce5a503ce3e3e53eff0f4c4b8f0a06462a8c193
SHA256

a4e67f5cceb0fbdd7303b0032b40bf60833b30c5887c47a63e7190b61c502b1c
SHA512

aca9559e1cdf8808bf0e6010f8454e7eecb49c7a2bd110f2eed8406f3a3e8ed91c66d6692f2468d743f5b402860adf1fd09fae265bb887c81a11d89f0a0af8b4
SSDEEP

3072:SG5QzcIpHfHnm4Z4h75wc+HzyxVyfkMY+BES09JXAnyrZalI+YQ:SvKxAsMYod+X3oI+YQ

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

6da06abbd74e0e46be034fa01a312bdc_JaffaCakes118.html

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

6da06abbd74e0e46be034fa01a312bdc_JaffaCakes118.html

Resource

win10v2004-20240426-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  6da06abbd74e0e46be034fa01a312bdc_JaffaCakes118
- Size
  
  194KB
- MD5
  
  6da06abbd74e0e46be034fa01a312bdc
- SHA1
  
  7ce5a503ce3e3e53eff0f4c4b8f0a06462a8c193
- SHA256
  
  a4e67f5cceb0fbdd7303b0032b40bf60833b30c5887c47a63e7190b61c502b1c
- SHA512
  
  aca9559e1cdf8808bf0e6010f8454e7eecb49c7a2bd110f2eed8406f3a3e8ed91c66d6692f2468d743f5b402860adf1fd09fae265bb887c81a11d89f0a0af8b4
- SSDEEP
  
  3072:SG5QzcIpHfHnm4Z4h75wc+HzyxVyfkMY+BES09JXAnyrZalI+YQ:SvKxAsMYod+X3oI+YQ
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy