ramnit | ae0efba06d4b96c0e60fa3b8a5a69d3ef242f2344c3a0cc071a3ab1e57f85191 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

a108f3d492...8.html

windows7-x64

a108f3d492...8.html

windows10-2004-x64

1

Sharing

General

Target

a108f3d4927a9ca1dfc7262344399fa1_JaffaCakes118
Size

143KB
Sample

240612-r5ea6ayere
MD5

a108f3d4927a9ca1dfc7262344399fa1
SHA1

6fa0feca28ff8889881cea7662187f69a0bfe992
SHA256

ae0efba06d4b96c0e60fa3b8a5a69d3ef242f2344c3a0cc071a3ab1e57f85191
SHA512

af7145c218445186d9fcfd2c8b55a132156f391754818b85ac73f357745af88a2e600384da9a75d7cbe2d51d1935feb6f9ee92bd48663f454aecbf546a78954e
SSDEEP

1536:SZijzg30ByLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOZ:SUfyfkMY+BES09JXAnyrZalI+YQ

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

a108f3d4927a9ca1dfc7262344399fa1_JaffaCakes118.html

Resource

win7-20231129-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a108f3d4927a9ca1dfc7262344399fa1_JaffaCakes118.html

Resource

win10v2004-20240611-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a108f3d4927a9ca1dfc7262344399fa1_JaffaCakes118
- Size
  
  143KB
- MD5
  
  a108f3d4927a9ca1dfc7262344399fa1
- SHA1
  
  6fa0feca28ff8889881cea7662187f69a0bfe992
- SHA256
  
  ae0efba06d4b96c0e60fa3b8a5a69d3ef242f2344c3a0cc071a3ab1e57f85191
- SHA512
  
  af7145c218445186d9fcfd2c8b55a132156f391754818b85ac73f357745af88a2e600384da9a75d7cbe2d51d1935feb6f9ee92bd48663f454aecbf546a78954e
- SSDEEP
  
  1536:SZijzg30ByLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOZ:SUfyfkMY+BES09JXAnyrZalI+YQ
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.