ramnit | c3954a6735bfa24b44a36af019bc5d6d77ee60876cd8347e493894b67bb39c6d | Triage

Submit
Reports

Overview

overview

Static

static

3

937557b0ff...18.exe

windows7-x64

937557b0ff...18.exe

windows10-2004-x64

Sharing

General

Target

937557b0ffc05994726901bc137c8eee_JaffaCakes118
Size

119KB
Sample

241124-jzdtfa1naw
MD5

937557b0ffc05994726901bc137c8eee
SHA1

25581275c6c9c86a4f7c6f617da075f170eaab19
SHA256

c3954a6735bfa24b44a36af019bc5d6d77ee60876cd8347e493894b67bb39c6d
SHA512

24d6d050d40656d522adacaa23bc7b968552f44ef78e8a41e181395644be7d1e33c6900b93d35137339fef7e47f1c4edba8e2e3d9f48d8b1b71e7fc5b4e8daa1
SSDEEP

3072:WnxwgxgfR/DVG7wBpEjLl1LuSBl8h+4z:++xDVG0BpMiU8h+4z

Score

10^/10

ramnit banker discovery evasion spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

937557b0ffc05994726901bc137c8eee_JaffaCakes118.exe

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

937557b0ffc05994726901bc137c8eee_JaffaCakes118.exe

Resource

win10v2004-20241007-en

ramnit banker discovery evasion spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  937557b0ffc05994726901bc137c8eee_JaffaCakes118
- Size
  
  119KB
- MD5
  
  937557b0ffc05994726901bc137c8eee
- SHA1
  
  25581275c6c9c86a4f7c6f617da075f170eaab19
- SHA256
  
  c3954a6735bfa24b44a36af019bc5d6d77ee60876cd8347e493894b67bb39c6d
- SHA512
  
  24d6d050d40656d522adacaa23bc7b968552f44ef78e8a41e181395644be7d1e33c6900b93d35137339fef7e47f1c4edba8e2e3d9f48d8b1b71e7fc5b4e8daa1
- SSDEEP
  
  3072:WnxwgxgfR/DVG7wBpEjLl1LuSBl8h+4z:++xDVG0BpMiU8h+4z
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm evasion
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy