ramnit | 04450411430a597471376becdf83d43ebc9fe0c1be0c4dc23ff244664fc5d39b | Triage

Submit
Reports

Overview

overview

Static

static

3

f256534940...18.exe

windows7-x64

f256534940...18.exe

windows10-2004-x64

Sharing

General

Target

f256534940a4f46eef218677849b4b69_JaffaCakes118
Size

252KB
Sample

241215-fagx1swmcq
MD5

f256534940a4f46eef218677849b4b69
SHA1

f408d6e12ec35dc97b693e3eb5293ccbf449cf83
SHA256

04450411430a597471376becdf83d43ebc9fe0c1be0c4dc23ff244664fc5d39b
SHA512

334ce2aab63bec0e34543d374cee01ad25a441ea0b6d387419f658cf68fe8ec628fc83b8785dca820a8d155bf25d09bb069358429f695d325683c96adf086bfe
SSDEEP

6144:fAr3SgAOYFnOhqlqUOa1MnYPrO3DFoRGTYCCWga4qD+g:IbSjNnKqYUO7YPrO3oG0ja8g

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f256534940a4f46eef218677849b4b69_JaffaCakes118.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f256534940a4f46eef218677849b4b69_JaffaCakes118.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f256534940a4f46eef218677849b4b69_JaffaCakes118
- Size
  
  252KB
- MD5
  
  f256534940a4f46eef218677849b4b69
- SHA1
  
  f408d6e12ec35dc97b693e3eb5293ccbf449cf83
- SHA256
  
  04450411430a597471376becdf83d43ebc9fe0c1be0c4dc23ff244664fc5d39b
- SHA512
  
  334ce2aab63bec0e34543d374cee01ad25a441ea0b6d387419f658cf68fe8ec628fc83b8785dca820a8d155bf25d09bb069358429f695d325683c96adf086bfe
- SSDEEP
  
  6144:fAr3SgAOYFnOhqlqUOa1MnYPrO3DFoRGTYCCWga4qD+g:IbSjNnKqYUO7YPrO3oG0ja8g
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy