ramnit | 80056d108274a11174cd4aef20f756739f830dc107f39eef19aca6230a4ac535 | Triage

Submit
Reports

Overview

overview

Static

static

1

f0f2498a8b...8.html

windows7-x64

f0f2498a8b...8.html

windows10-2004-x64

3

Sharing

General

Target

f0f2498a8b805ca872e539b2f1bfaa64_JaffaCakes118
Size

155KB
Sample

241214-14g54awkfx
MD5

f0f2498a8b805ca872e539b2f1bfaa64
SHA1

ddd1b97275df7b7690062ae54bd803c652591870
SHA256

80056d108274a11174cd4aef20f756739f830dc107f39eef19aca6230a4ac535
SHA512

3661206c34bda83a348cb479ccc23ce636be302c380f57e7f7c301f7557659c377279e4380a6ce61906646dcaf139e4c1f5a48e1dbf9b858bf17548c382498cc
SSDEEP

1536:iGRTmjMwT1Op30puG43yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXu:isIk3c+3yfkMY+BES09JXAnyrZalI+YQ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

f0f2498a8b805ca872e539b2f1bfaa64_JaffaCakes118.html

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0f2498a8b805ca872e539b2f1bfaa64_JaffaCakes118.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f0f2498a8b805ca872e539b2f1bfaa64_JaffaCakes118
- Size
  
  155KB
- MD5
  
  f0f2498a8b805ca872e539b2f1bfaa64
- SHA1
  
  ddd1b97275df7b7690062ae54bd803c652591870
- SHA256
  
  80056d108274a11174cd4aef20f756739f830dc107f39eef19aca6230a4ac535
- SHA512
  
  3661206c34bda83a348cb479ccc23ce636be302c380f57e7f7c301f7557659c377279e4380a6ce61906646dcaf139e4c1f5a48e1dbf9b858bf17548c382498cc
- SSDEEP
  
  1536:iGRTmjMwT1Op30puG43yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXu:isIk3c+3yfkMY+BES09JXAnyrZalI+YQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy