ramnit | fb34092430c5c04b193b78d12fa2f54bff3e1ae9b4dbbcc35d30a77bea56b178 | Triage

Submit
Reports

Overview

overview

Static

static

3

9c956ca242...18.dll

windows7-x64

9c956ca242...18.dll

windows10-2004-x64

Sharing

General

Target

9c956ca2422f98e23d42988671166e7d_JaffaCakes118
Size

428KB
Sample

241125-tq2h9a1qcq
MD5

9c956ca2422f98e23d42988671166e7d
SHA1

01d4a47cfacaa7489c73f64ddccbb694975c45d7
SHA256

fb34092430c5c04b193b78d12fa2f54bff3e1ae9b4dbbcc35d30a77bea56b178
SHA512

27d0c7b276aceb09462efb701fbec5f84e9305e5b9053970b809fdc0d3b6e88f03f3a22c788dcc88e3be69f5a4a41345f6b123af66d81b7edc746c60a58a3b30
SSDEEP

6144:cKIMnoOIAoKUbEJaOowej8RZFJKOZOXNc5cxbZiT0ZK1:pn3ahARZ/KHXNc5yM0ZK1

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9c956ca2422f98e23d42988671166e7d_JaffaCakes118.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c956ca2422f98e23d42988671166e7d_JaffaCakes118.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  9c956ca2422f98e23d42988671166e7d_JaffaCakes118
- Size
  
  428KB
- MD5
  
  9c956ca2422f98e23d42988671166e7d
- SHA1
  
  01d4a47cfacaa7489c73f64ddccbb694975c45d7
- SHA256
  
  fb34092430c5c04b193b78d12fa2f54bff3e1ae9b4dbbcc35d30a77bea56b178
- SHA512
  
  27d0c7b276aceb09462efb701fbec5f84e9305e5b9053970b809fdc0d3b6e88f03f3a22c788dcc88e3be69f5a4a41345f6b123af66d81b7edc746c60a58a3b30
- SSDEEP
  
  6144:cKIMnoOIAoKUbEJaOowej8RZFJKOZOXNc5cxbZiT0ZK1:pn3ahARZ/KHXNc5yM0ZK1
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy