ramnit | 44c78d114d24eef09db5900a677d2fa49c57f9fc88e170645a5f19306e64358e | Triage

Submit
Reports

Overview

overview

Static

static

1

f34eb6b792...8.html

windows7-x64

f34eb6b792...8.html

windows10-2004-x64

3

Sharing

General

Target

f34eb6b792c688960fffea70a92f877d_JaffaCakes118
Size

158KB
Sample

241215-k6rvbazlbw
MD5

f34eb6b792c688960fffea70a92f877d
SHA1

06dffa254031ccbb720d7c4d455d17a0a0a492d8
SHA256

44c78d114d24eef09db5900a677d2fa49c57f9fc88e170645a5f19306e64358e
SHA512

b254929a9103b663944c0b4ae2f469bcc136edcc16e851c84ea8ccee5e3bef9fb3a1d2e6c7c442ad7349ee1b06efb0a71f178ec5a3ab89ae9f02970d6101d195
SSDEEP

1536:isRTkX1BhRyZJwRjg0sryLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wee:iukiGFsryfkMY+BES09JXAnyrZalI+YQ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

f34eb6b792c688960fffea70a92f877d_JaffaCakes118.html

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f34eb6b792c688960fffea70a92f877d_JaffaCakes118.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f34eb6b792c688960fffea70a92f877d_JaffaCakes118
- Size
  
  158KB
- MD5
  
  f34eb6b792c688960fffea70a92f877d
- SHA1
  
  06dffa254031ccbb720d7c4d455d17a0a0a492d8
- SHA256
  
  44c78d114d24eef09db5900a677d2fa49c57f9fc88e170645a5f19306e64358e
- SHA512
  
  b254929a9103b663944c0b4ae2f469bcc136edcc16e851c84ea8ccee5e3bef9fb3a1d2e6c7c442ad7349ee1b06efb0a71f178ec5a3ab89ae9f02970d6101d195
- SSDEEP
  
  1536:isRTkX1BhRyZJwRjg0sryLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wee:iukiGFsryfkMY+BES09JXAnyrZalI+YQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy