ramnit | eb1771c5d37223af8296559b9e3f7e4183df3e77d27a4c3460f57ab022bc35e2 | Triage

Submit
Reports

Overview

overview

Static

static

3

2a2be84507...18.dll

windows7-x64

7

2a2be84507...18.dll

windows10-2004-x64

Sharing

General

Target

2a2be84507b43aaa4ca2e054d23a5433_JaffaCakes118
Size

148KB
Sample

240707-3grgcs1gmj
MD5

2a2be84507b43aaa4ca2e054d23a5433
SHA1

ffd600dbd298c2aea7d800f0ca83c911cb481990
SHA256

eb1771c5d37223af8296559b9e3f7e4183df3e77d27a4c3460f57ab022bc35e2
SHA512

fcdd53db50756bd8d5e82b19a83220b44c3edb839f1febe93b761403c44dbf2de8aed1e1c2efef99666cd1eab7ec62219f72dc8aa385370204600b4d719c3aa9
SSDEEP

1536:OFb/gIdEvntTRoxIzDpDLh5CIBuZxZVKtPzsrQPodnItC7dDhXpQ:OFVd8nRRoizFXhoIB2ZVmC3lbHS

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2a2be84507b43aaa4ca2e054d23a5433_JaffaCakes118.dll

Resource

win7-20240704-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2a2be84507b43aaa4ca2e054d23a5433_JaffaCakes118.dll

Resource

win10v2004-20240704-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2a2be84507b43aaa4ca2e054d23a5433_JaffaCakes118
- Size
  
  148KB
- MD5
  
  2a2be84507b43aaa4ca2e054d23a5433
- SHA1
  
  ffd600dbd298c2aea7d800f0ca83c911cb481990
- SHA256
  
  eb1771c5d37223af8296559b9e3f7e4183df3e77d27a4c3460f57ab022bc35e2
- SHA512
  
  fcdd53db50756bd8d5e82b19a83220b44c3edb839f1febe93b761403c44dbf2de8aed1e1c2efef99666cd1eab7ec62219f72dc8aa385370204600b4d719c3aa9
- SSDEEP
  
  1536:OFb/gIdEvntTRoxIzDpDLh5CIBuZxZVKtPzsrQPodnItC7dDhXpQ:OFVd8nRRoizFXhoIB2ZVmC3lbHS
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy