ramnit | 44d20008fc41654681a6e7811c90a0b37a6f10007b2d2b676856bb49eb29d0fc | Triage

Sharing

General

Target

7498493e949b702165f21ac51ee5e02e_JaffaCakes118
Size

624KB
Sample

240726-spknnswapl
MD5

7498493e949b702165f21ac51ee5e02e
SHA1

5e5b197cd1f173fb8d62d9c59a24fca997b19012
SHA256

44d20008fc41654681a6e7811c90a0b37a6f10007b2d2b676856bb49eb29d0fc
SHA512

fc8bf0d1abec3f5fdb1a61233b3fdb0c387affe1df92dca6945830ab640a215f778d69f88aa8bdfae4d67b8485dbec09b4c12be7deb7f5f8ef64c8bacd66211a
SSDEEP

12288:N/EAAmS+Jundb2LvJKz26abtj/qIOdIIuFk33WkdUpl1L1QO:N/EArS+IWvJKz26Q/qIqpuC33Hmpn

Score

10^/10

ramnit banker discovery spyware stealer trojan worm

Malware Config

Targets

- Target
  
  7498493e949b702165f21ac51ee5e02e_JaffaCakes118
- Size
  
  624KB
- MD5
  
  7498493e949b702165f21ac51ee5e02e
- SHA1
  
  5e5b197cd1f173fb8d62d9c59a24fca997b19012
- SHA256
  
  44d20008fc41654681a6e7811c90a0b37a6f10007b2d2b676856bb49eb29d0fc
- SHA512
  
  fc8bf0d1abec3f5fdb1a61233b3fdb0c387affe1df92dca6945830ab640a215f778d69f88aa8bdfae4d67b8485dbec09b4c12be7deb7f5f8ef64c8bacd66211a
- SSDEEP
  
  12288:N/EAAmS+Jundb2LvJKz26abtj/qIOdIIuFk33WkdUpl1L1QO:N/EArS+IWvJKz26Q/qIqpuC33Hmpn
Score

10^/10

ramnit banker discovery spyware stealer trojan worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanworm