ramnit | a176193a27dcd0a2c8308d7ce501e59a8b16a5a0daddce5852033f514669fa60 | Triage

Submit
Reports

Overview

overview

Static

static

1

da86c15439...8.html

windows7-x64

da86c15439...8.html

windows10-2004-x64

3

Sharing

General

Target

da86c15439f802842ea09c24d4c24b1f_JaffaCakes118
Size

130KB
Sample

240911-rk73qsvgkd
MD5

da86c15439f802842ea09c24d4c24b1f
SHA1

e2e21d290047655ecab7a207b2760003fdbc028f
SHA256

a176193a27dcd0a2c8308d7ce501e59a8b16a5a0daddce5852033f514669fa60
SHA512

b40d1da7c1d8f079aaded39c2a61f94e5ba34f0da5fdb3c1d62949df2a24b07e545f8f86e28ffd72d7dfed9a26ad2d0fc3786445335c1534270feb23a61be845
SSDEEP

3072:dcIRJ90b5RJCyfkMY+BES09JXAnyrZalI+YQ:GIRJ90b5RJHsMYod+X3oI+YQ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

da86c15439f802842ea09c24d4c24b1f_JaffaCakes118.html

Resource

win7-20240704-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

da86c15439f802842ea09c24d4c24b1f_JaffaCakes118.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  da86c15439f802842ea09c24d4c24b1f_JaffaCakes118
- Size
  
  130KB
- MD5
  
  da86c15439f802842ea09c24d4c24b1f
- SHA1
  
  e2e21d290047655ecab7a207b2760003fdbc028f
- SHA256
  
  a176193a27dcd0a2c8308d7ce501e59a8b16a5a0daddce5852033f514669fa60
- SHA512
  
  b40d1da7c1d8f079aaded39c2a61f94e5ba34f0da5fdb3c1d62949df2a24b07e545f8f86e28ffd72d7dfed9a26ad2d0fc3786445335c1534270feb23a61be845
- SSDEEP
  
  3072:dcIRJ90b5RJCyfkMY+BES09JXAnyrZalI+YQ:GIRJ90b5RJHsMYod+X3oI+YQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy