ramnit | 49224989309e40316035c65ce61043cd6e3594ff096bcc631aa721f10a859fbf | Triage

Submit
Reports

Overview

overview

Static

static

3

e097015a64...18.dll

windows7-x64

e097015a64...18.dll

windows10-2004-x64

Sharing

General

Target

e097015a642fdfe925f5ed76e2cbcebf_JaffaCakes118
Size

258KB
Sample

241211-j5svjsyqcj
MD5

e097015a642fdfe925f5ed76e2cbcebf
SHA1

9ffb88f0ec1da375514aa2a651cd9913f7bd50b3
SHA256

49224989309e40316035c65ce61043cd6e3594ff096bcc631aa721f10a859fbf
SHA512

29e2b3f31e2cc6b6fbfffece8c7d2d78bf5ba1893793674a82c8350b15ca3cec42c166c6f9487354b1fe47c889c1a2a02971d9e01cafb097b63f46032bfb9cb7
SSDEEP

6144:c2OMrnQb6eJxq+Uyc518UWq9XT3JLqaSw90Hn6d:BO6Q2eLw9jZLqaEH2

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e097015a642fdfe925f5ed76e2cbcebf_JaffaCakes118.dll

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

e097015a642fdfe925f5ed76e2cbcebf_JaffaCakes118.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  e097015a642fdfe925f5ed76e2cbcebf_JaffaCakes118
- Size
  
  258KB
- MD5
  
  e097015a642fdfe925f5ed76e2cbcebf
- SHA1
  
  9ffb88f0ec1da375514aa2a651cd9913f7bd50b3
- SHA256
  
  49224989309e40316035c65ce61043cd6e3594ff096bcc631aa721f10a859fbf
- SHA512
  
  29e2b3f31e2cc6b6fbfffece8c7d2d78bf5ba1893793674a82c8350b15ca3cec42c166c6f9487354b1fe47c889c1a2a02971d9e01cafb097b63f46032bfb9cb7
- SSDEEP
  
  6144:c2OMrnQb6eJxq+Uyc518UWq9XT3JLqaSw90Hn6d:BO6Q2eLw9jZLqaEH2
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy