ramnit | ef81d74e296a4be6c0725c21816bae99ca54b923129d44db1beeb78a20c94755 | Triage

Submit
Reports

Overview

overview

Static

static

1

f0f5982b2f...8.html

windows7-x64

f0f5982b2f...8.html

windows10-2004-x64

3

Sharing

General

Target

f0f5982b2fabe4232b805f3ba09d8349_JaffaCakes118
Size

158KB
Sample

241214-16fp2swlbt
MD5

f0f5982b2fabe4232b805f3ba09d8349
SHA1

335756f983aab5bd06662c059f7c969d98e871c2
SHA256

ef81d74e296a4be6c0725c21816bae99ca54b923129d44db1beeb78a20c94755
SHA512

628c208e832e4e8c91e2fdb837d8b81a6153d2e3892b741894b045c8bb72b43f1ad3356695947b4026aa77228056c7130a38f19e46f9b0282be65813c7658e4d
SSDEEP

1536:iERTdcaojijdEayLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:i2amCayfkMY+BES09JXAnyrZalI+YQ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

f0f5982b2fabe4232b805f3ba09d8349_JaffaCakes118.html

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0f5982b2fabe4232b805f3ba09d8349_JaffaCakes118.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f0f5982b2fabe4232b805f3ba09d8349_JaffaCakes118
- Size
  
  158KB
- MD5
  
  f0f5982b2fabe4232b805f3ba09d8349
- SHA1
  
  335756f983aab5bd06662c059f7c969d98e871c2
- SHA256
  
  ef81d74e296a4be6c0725c21816bae99ca54b923129d44db1beeb78a20c94755
- SHA512
  
  628c208e832e4e8c91e2fdb837d8b81a6153d2e3892b741894b045c8bb72b43f1ad3356695947b4026aa77228056c7130a38f19e46f9b0282be65813c7658e4d
- SSDEEP
  
  1536:iERTdcaojijdEayLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:i2amCayfkMY+BES09JXAnyrZalI+YQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy