ramnit | 693b73b89731bb9da36d57ac0119dbfadacd1aff7d70e56e88c4d1259fb6c810 | Triage

Submit
Reports

Overview

overview

Static

static

3

91ee8540ae...18.dll

windows7-x64

91ee8540ae...18.dll

windows10-2004-x64

Sharing

General

Target

91ee8540ae559a08b03a6ca9e50858af_JaffaCakes118
Size

823KB
Sample

241124-ce27zayjgz
MD5

91ee8540ae559a08b03a6ca9e50858af
SHA1

9990082c4134b8785092c5d331784edcba97883d
SHA256

693b73b89731bb9da36d57ac0119dbfadacd1aff7d70e56e88c4d1259fb6c810
SHA512

cc93f99bb258dfd6b76776a6d442634717e4d19423db9b1f4d648c948078282f654d804ccc82d3aa08ad9403a3af4440b43796c211c1702b9f9ba9a05d7b8a5f
SSDEEP

24576:OL5/rmRsmDWDPNuFhPvYrpLYHSfcoopooLY9Nu0ukz:cK5hPILYHSfeY9nukz

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

91ee8540ae559a08b03a6ca9e50858af_JaffaCakes118.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

91ee8540ae559a08b03a6ca9e50858af_JaffaCakes118.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  91ee8540ae559a08b03a6ca9e50858af_JaffaCakes118
- Size
  
  823KB
- MD5
  
  91ee8540ae559a08b03a6ca9e50858af
- SHA1
  
  9990082c4134b8785092c5d331784edcba97883d
- SHA256
  
  693b73b89731bb9da36d57ac0119dbfadacd1aff7d70e56e88c4d1259fb6c810
- SHA512
  
  cc93f99bb258dfd6b76776a6d442634717e4d19423db9b1f4d648c948078282f654d804ccc82d3aa08ad9403a3af4440b43796c211c1702b9f9ba9a05d7b8a5f
- SSDEEP
  
  24576:OL5/rmRsmDWDPNuFhPvYrpLYHSfcoopooLY9Nu0ukz:cK5hPILYHSfeY9nukz
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy