ramnit | 844bd12f412a37c561d510ec24b7084f4a30e01b263b8a6a5871516cbb1180f8 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...00.dll

windows7-x64

JaffaCakes...00.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_00e502c0dce97e32cd0a892c6db2c600
Size

88KB
Sample

241231-csd3asypgl
MD5

00e502c0dce97e32cd0a892c6db2c600
SHA1

d59439e17178b8a7df7001214750659028942306
SHA256

844bd12f412a37c561d510ec24b7084f4a30e01b263b8a6a5871516cbb1180f8
SHA512

1ca43cdb832987fe21702e4918b753ffcd59a5cd180fc946a51d52c5b2a88b05d8c10f36a711e54c309b996db64f453027c7f3bd6815442be47d2ba2e83919ca
SSDEEP

1536:9YvdaU2qBc160nY9OpcjQe1cprcUXC1+h7950tLYCj:mtcnOicjj2rrJ0D

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_00e502c0dce97e32cd0a892c6db2c600.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_00e502c0dce97e32cd0a892c6db2c600.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_00e502c0dce97e32cd0a892c6db2c600
- Size
  
  88KB
- MD5
  
  00e502c0dce97e32cd0a892c6db2c600
- SHA1
  
  d59439e17178b8a7df7001214750659028942306
- SHA256
  
  844bd12f412a37c561d510ec24b7084f4a30e01b263b8a6a5871516cbb1180f8
- SHA512
  
  1ca43cdb832987fe21702e4918b753ffcd59a5cd180fc946a51d52c5b2a88b05d8c10f36a711e54c309b996db64f453027c7f3bd6815442be47d2ba2e83919ca
- SSDEEP
  
  1536:9YvdaU2qBc160nY9OpcjQe1cprcUXC1+h7950tLYCj:mtcnOicjj2rrJ0D
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy