ramnit | 9d70c9a12971f5af30445b3b59ee34693ae4c8a8a3e2a6de04ac0ec4a31ec4f7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

fc450ec8b6...8.html

windows7-x64

fc450ec8b6...8.html

windows10-2004-x64

3

Sharing

General

Target

fc450ec8b6e9d0193b94681e05329807_JaffaCakes118
Size

158KB
Sample

241218-tvym6avldt
MD5

fc450ec8b6e9d0193b94681e05329807
SHA1

4dcf076a371df25cf08a2bb695c5faf1e510e7f5
SHA256

9d70c9a12971f5af30445b3b59ee34693ae4c8a8a3e2a6de04ac0ec4a31ec4f7
SHA512

f66d02eb0a70660092e2ebe05e380a4ee70bc1902d5a7661ee064a91da3cba7476f7c8c692c24a95c11a73256817ea9325aeac940cec78e1098b4fee33e1f239
SSDEEP

1536:iURTVK/EIDKvqbHedXMEpDyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09M:iGKsBDyfkMY+BES09JXAnyrZalI+YQ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

fc450ec8b6e9d0193b94681e05329807_JaffaCakes118.html

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc450ec8b6e9d0193b94681e05329807_JaffaCakes118.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc450ec8b6e9d0193b94681e05329807_JaffaCakes118
- Size
  
  158KB
- MD5
  
  fc450ec8b6e9d0193b94681e05329807
- SHA1
  
  4dcf076a371df25cf08a2bb695c5faf1e510e7f5
- SHA256
  
  9d70c9a12971f5af30445b3b59ee34693ae4c8a8a3e2a6de04ac0ec4a31ec4f7
- SHA512
  
  f66d02eb0a70660092e2ebe05e380a4ee70bc1902d5a7661ee064a91da3cba7476f7c8c692c24a95c11a73256817ea9325aeac940cec78e1098b4fee33e1f239
- SSDEEP
  
  1536:iURTVK/EIDKvqbHedXMEpDyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09M:iGKsBDyfkMY+BES09JXAnyrZalI+YQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy