ramnit | d7cdd93c37689170cada182b822cb36fbe677754520c071b29204ee7a08dfcf1 | Triage

Sharing

General

Target

7523be47e7e1e088fd0facbc8e49bfdf_JaffaCakes118
Size

316KB
Sample

240726-wpap9aydlc
MD5

7523be47e7e1e088fd0facbc8e49bfdf
SHA1

7f8e560a5c8af9666a9ec1fd0b0cc53e92730a56
SHA256

d7cdd93c37689170cada182b822cb36fbe677754520c071b29204ee7a08dfcf1
SHA512

a34a519878866c94392d5c3dcf73ee838bee16be11f466f80481ef65520d3613f97e52fdd9a1e50f322bbd043606f9530fe53ef9463bcea7fabd257a3d9c8e55
SSDEEP

6144:u1fNQc93wVykQ+fQdZzcSAX9BOj/Km5DIw0+mUzaYMRLJmzj:ulicNIyccWSATq/K20OzzMhQzj

Score

10^/10

ramnit banker discovery spyware stealer trojan worm

Malware Config

Targets

- Target
  
  7523be47e7e1e088fd0facbc8e49bfdf_JaffaCakes118
- Size
  
  316KB
- MD5
  
  7523be47e7e1e088fd0facbc8e49bfdf
- SHA1
  
  7f8e560a5c8af9666a9ec1fd0b0cc53e92730a56
- SHA256
  
  d7cdd93c37689170cada182b822cb36fbe677754520c071b29204ee7a08dfcf1
- SHA512
  
  a34a519878866c94392d5c3dcf73ee838bee16be11f466f80481ef65520d3613f97e52fdd9a1e50f322bbd043606f9530fe53ef9463bcea7fabd257a3d9c8e55
- SSDEEP
  
  6144:u1fNQc93wVykQ+fQdZzcSAX9BOj/Km5DIw0+mUzaYMRLJmzj:ulicNIyccWSATq/K20OzzMhQzj
Score

10^/10

ramnit banker discovery spyware stealer trojan worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanworm