ramnit

General

Target

JaffaCakes118_0d7c98ae4c7f1f027529f3deac80838f8b206ff2a26985fe375f0c56136ed026
Size

2.4MB
Sample

241222-ja18fayqgy
MD5

ad08ee1d961deab417474d43d7a0221f
SHA1

adc04c828eaae9827a754860a6078f81085572b6
SHA256

0d7c98ae4c7f1f027529f3deac80838f8b206ff2a26985fe375f0c56136ed026
SHA512

98c3bce1550751c809f8bddb3b8ac176ca705509b4d6e4a297c26d01844aed0717aa09f134fbf9d95839c84ff1b010a7cef1a11b7cc5760111e3784f1cf7b9fa
SSDEEP

49152:IsqzxG2pdmU09lO5o4WzdWmzJB1Brr+GCvRVQzaFA1sbxhiMbDM1hWG4:De4SdupdhJBznavLypIDF24

Score

10^/10

Malware Config

Targets

- Target
  
  LedBadge/LedBadge.exe
- Size
  
  6.6MB
- MD5
  
  b9c1348d84e3eec720d1e1e02480c139
- SHA1
  
  54682a9b74a9fa7f8b8446a6e1c295a7418e9616
- SHA256
  
  4bc8dfe2aec309abcd00656b991907bd88b0a84e11f63fa2ba7ca51149299483
- SHA512
  
  15837cac92bb2299b8060c0a0f201c120dc109c69cb5d1bd69640c77bb4c6a5c98faf78868cca9b5dd72d3dd8085f695594586b64102e903fd0f03ce0d25cede
- SSDEEP
  
  196608:JB/nTBQzSWhmWcBYAkm8dEEMj0sUQ83oBsXUg8GERgK:JhK
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2