ramnit | 766613fa1f458085a357b27153d3303a4bbdb6aed92fbc2a38826de860440772 | Triage

Submit
Reports

Overview

overview

Static

static

3

d80ddb6d0b...18.dll

windows7-x64

3

d80ddb6d0b...18.dll

windows10-2004-x64

Sharing

General

Target

d80ddb6d0bce2dab0829c87f1aca1f06_JaffaCakes118
Size

213KB
Sample

241208-vb7bmazjby
MD5

d80ddb6d0bce2dab0829c87f1aca1f06
SHA1

0ff8d29cf4939af3cf4f783d8fc0dac813b5a2d9
SHA256

766613fa1f458085a357b27153d3303a4bbdb6aed92fbc2a38826de860440772
SHA512

01dbf42bde0b7e5d39bfe307bf7b5ceef48847826d767e0fda54d9c49793611c967ee01c0caf7694928bcb803517c2785321bc57f3709e8074e558f76f363f52
SSDEEP

3072:jB9OJkQIl1I3UJvOreBTg4vRPo5lNJ7+XNtUU/csukP8bpuzMOjLVU7tc+riie9C:jB9OCh1IOOcPWSMOjLAiitJOFqkf8lb

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d80ddb6d0bce2dab0829c87f1aca1f06_JaffaCakes118.dll

Resource

win7-20241023-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

d80ddb6d0bce2dab0829c87f1aca1f06_JaffaCakes118.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  d80ddb6d0bce2dab0829c87f1aca1f06_JaffaCakes118
- Size
  
  213KB
- MD5
  
  d80ddb6d0bce2dab0829c87f1aca1f06
- SHA1
  
  0ff8d29cf4939af3cf4f783d8fc0dac813b5a2d9
- SHA256
  
  766613fa1f458085a357b27153d3303a4bbdb6aed92fbc2a38826de860440772
- SHA512
  
  01dbf42bde0b7e5d39bfe307bf7b5ceef48847826d767e0fda54d9c49793611c967ee01c0caf7694928bcb803517c2785321bc57f3709e8074e558f76f363f52
- SSDEEP
  
  3072:jB9OJkQIl1I3UJvOreBTg4vRPo5lNJ7+XNtUU/csukP8bpuzMOjLVU7tc+riie9C:jB9OCh1IOOcPWSMOjLAiitJOFqkf8lb
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy