ramnit | 30faef67a778fc1d6ad92daee9f9d66ddf24650cd1cf98b3cf3846d0e1da0375 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

c29fbde118...8.html

windows7-x64

c29fbde118...8.html

windows10-2004-x64

3

Sharing

General

Target

c29fbde118ba243e7cfc750c77de61c0_JaffaCakes118
Size

704KB
Sample

240826-kcf6qawcrm
MD5

c29fbde118ba243e7cfc750c77de61c0
SHA1

9a002542f1f5afe25da0e0f08b618a8f394f3f53
SHA256

30faef67a778fc1d6ad92daee9f9d66ddf24650cd1cf98b3cf3846d0e1da0375
SHA512

261a65d0059151654fb898d336a1c69d972701541e03e97cfba6e1466a83971c79e8a03f7ae31312b1756679de046b5090b3ae089185697b82b9d1e614480e3c
SSDEEP

12288:6D5d+X3vWPSmq5d+X3vWPSmte5d+X3vWPSmi5d+X3vWPSmq:6b+PWPE+PWPS+PWP0+PWPe

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

c29fbde118ba243e7cfc750c77de61c0_JaffaCakes118.html

Resource

win7-20240704-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

c29fbde118ba243e7cfc750c77de61c0_JaffaCakes118.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  c29fbde118ba243e7cfc750c77de61c0_JaffaCakes118
- Size
  
  704KB
- MD5
  
  c29fbde118ba243e7cfc750c77de61c0
- SHA1
  
  9a002542f1f5afe25da0e0f08b618a8f394f3f53
- SHA256
  
  30faef67a778fc1d6ad92daee9f9d66ddf24650cd1cf98b3cf3846d0e1da0375
- SHA512
  
  261a65d0059151654fb898d336a1c69d972701541e03e97cfba6e1466a83971c79e8a03f7ae31312b1756679de046b5090b3ae089185697b82b9d1e614480e3c
- SSDEEP
  
  12288:6D5d+X3vWPSmq5d+X3vWPSmte5d+X3vWPSmi5d+X3vWPSmq:6b+PWPE+PWPS+PWP0+PWPe
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy