ramnit | 97274cefa21ee92ede22f0212d7bb3257b43c708d556d51d641372037103122a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

b02a56dcef...18.exe

windows7-x64

b02a56dcef...18.exe

windows10-2004-x64

Sharing

General

Target

b02a56dcef5b08e4d691c5bf336ecce4_JaffaCakes118
Size

133KB
Sample

240820-v3z2maydkq
MD5

b02a56dcef5b08e4d691c5bf336ecce4
SHA1

78a471e4ec810f836d0212d462a4d30e61b8d17f
SHA256

97274cefa21ee92ede22f0212d7bb3257b43c708d556d51d641372037103122a
SHA512

b3bc9cf88c3f0d09a1e8133b9363e3424406ef70b9fae12f6aa4166c96ce9d613e9e2d97577b0aa15daf28e2cb41da5ed350050348439dfa96ca528ed9c8a153
SSDEEP

3072:Y+FDzK71QkbstyJjCKICpC72s/mlaXcIh08tH:Y+I713bstyJj0sC7/HcIh7tH

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b02a56dcef5b08e4d691c5bf336ecce4_JaffaCakes118.exe

Resource

win7-20240704-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

b02a56dcef5b08e4d691c5bf336ecce4_JaffaCakes118.exe

Resource

win10v2004-20240802-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b02a56dcef5b08e4d691c5bf336ecce4_JaffaCakes118
- Size
  
  133KB
- MD5
  
  b02a56dcef5b08e4d691c5bf336ecce4
- SHA1
  
  78a471e4ec810f836d0212d462a4d30e61b8d17f
- SHA256
  
  97274cefa21ee92ede22f0212d7bb3257b43c708d556d51d641372037103122a
- SHA512
  
  b3bc9cf88c3f0d09a1e8133b9363e3424406ef70b9fae12f6aa4166c96ce9d613e9e2d97577b0aa15daf28e2cb41da5ed350050348439dfa96ca528ed9c8a153
- SSDEEP
  
  3072:Y+FDzK71QkbstyJjCKICpC72s/mlaXcIh08tH:Y+I713bstyJj0sC7/HcIh7tH
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy