ramnit | acc944d726c83004ade87e78f6629765eddeaee972de9b0f69bcf9a6cff1330b | Triage

Submit
Reports

Overview

overview

Static

static

3

f7772975a5...18.dll

windows7-x64

f7772975a5...18.dll

windows10-2004-x64

Sharing

General

Target

f7772975a5360f3396bc2d6a1c2cb674_JaffaCakes118
Size

948KB
Sample

241216-fvsv1swkav
MD5

f7772975a5360f3396bc2d6a1c2cb674
SHA1

4d69261a02bff2339b2a7fd976808b4d20f07fdd
SHA256

acc944d726c83004ade87e78f6629765eddeaee972de9b0f69bcf9a6cff1330b
SHA512

1828b63ea08a1f1d2aeef3270ac1b08d6ae2d61cb163a7954ba2f5698a46e3b41b35f82102ba0bd5b8fce42d6c3442583e930c3729f85e77023530237c663d0a
SSDEEP

24576:iD7xopx+JPLwUmQ9oXpnatxznRJz+9V/f0s:iZnPLwUmQ9+pwnRJ1s

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f7772975a5360f3396bc2d6a1c2cb674_JaffaCakes118.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f7772975a5360f3396bc2d6a1c2cb674_JaffaCakes118.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  f7772975a5360f3396bc2d6a1c2cb674_JaffaCakes118
- Size
  
  948KB
- MD5
  
  f7772975a5360f3396bc2d6a1c2cb674
- SHA1
  
  4d69261a02bff2339b2a7fd976808b4d20f07fdd
- SHA256
  
  acc944d726c83004ade87e78f6629765eddeaee972de9b0f69bcf9a6cff1330b
- SHA512
  
  1828b63ea08a1f1d2aeef3270ac1b08d6ae2d61cb163a7954ba2f5698a46e3b41b35f82102ba0bd5b8fce42d6c3442583e930c3729f85e77023530237c663d0a
- SSDEEP
  
  24576:iD7xopx+JPLwUmQ9oXpnatxznRJz+9V/f0s:iZnPLwUmQ9+pwnRJ1s
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy