ramnit | cf16d3ca3b4342037cc7a8af47db1c35e3b29408638f6f5d13e3da0edad9e178 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

db092a5e22...8.html

windows7-x64

db092a5e22...8.html

windows10-2004-x64

3

Sharing

General

Target

db092a5e22a3bc63550bcffa8d3b7d2f_JaffaCakes118
Size

347KB
Sample

240911-xs4ceaxepl
MD5

db092a5e22a3bc63550bcffa8d3b7d2f
SHA1

b3d3ea44c45b9a8ca3625729c39112f9c1572e97
SHA256

cf16d3ca3b4342037cc7a8af47db1c35e3b29408638f6f5d13e3da0edad9e178
SHA512

9a54a2a904a55150958fc8e74830b251cf17a4e3558f74b7429be06d31f9cdac16ef77cf1d3aa40e115f8f05b97bc871a26d2cf7eadac2e29f8f3a895869a375
SSDEEP

6144:9sMYod+X3oI+YIsMYod+X3oI+Y5sMYod+X3oI+YQ:J5d+X3c5d+X3f5d+X3+

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

db092a5e22a3bc63550bcffa8d3b7d2f_JaffaCakes118.html

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

db092a5e22a3bc63550bcffa8d3b7d2f_JaffaCakes118.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  db092a5e22a3bc63550bcffa8d3b7d2f_JaffaCakes118
- Size
  
  347KB
- MD5
  
  db092a5e22a3bc63550bcffa8d3b7d2f
- SHA1
  
  b3d3ea44c45b9a8ca3625729c39112f9c1572e97
- SHA256
  
  cf16d3ca3b4342037cc7a8af47db1c35e3b29408638f6f5d13e3da0edad9e178
- SHA512
  
  9a54a2a904a55150958fc8e74830b251cf17a4e3558f74b7429be06d31f9cdac16ef77cf1d3aa40e115f8f05b97bc871a26d2cf7eadac2e29f8f3a895869a375
- SSDEEP
  
  6144:9sMYod+X3oI+YIsMYod+X3oI+Y5sMYod+X3oI+YQ:J5d+X3c5d+X3f5d+X3+
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy