ramnit | 0b696bbab11d388e64ac725eefaf902388c366d0e16e831adb7fa94df04578b5 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...23.dll

windows7-x64

JaffaCakes...23.dll

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_029cbc64802dae15d6ded5e295a7e323
Size

359KB
Sample

241231-dz6xbsvnhw
MD5

029cbc64802dae15d6ded5e295a7e323
SHA1

d68e2006c01b08bc8f6cd9ee3d40077ab94959c1
SHA256

0b696bbab11d388e64ac725eefaf902388c366d0e16e831adb7fa94df04578b5
SHA512

8dbbbc50725909108b199b9e4ef996b68c8e2ccc3caaa85bacb71fd7f4c3934268e045d9b13eccb36bdceda4c802a1775aafea332f1096e1de8cf6e28caee450
SSDEEP

3072:EOBOLWXivHYMzv2HvP5YeBTEEP2831Vr/rF8QOSta7WeKwkB5fK4MmC896KA3wc+:EOp8HpzdQOStKpkB5fMZ2lJ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_029cbc64802dae15d6ded5e295a7e323.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_029cbc64802dae15d6ded5e295a7e323.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_029cbc64802dae15d6ded5e295a7e323
- Size
  
  359KB
- MD5
  
  029cbc64802dae15d6ded5e295a7e323
- SHA1
  
  d68e2006c01b08bc8f6cd9ee3d40077ab94959c1
- SHA256
  
  0b696bbab11d388e64ac725eefaf902388c366d0e16e831adb7fa94df04578b5
- SHA512
  
  8dbbbc50725909108b199b9e4ef996b68c8e2ccc3caaa85bacb71fd7f4c3934268e045d9b13eccb36bdceda4c802a1775aafea332f1096e1de8cf6e28caee450
- SSDEEP
  
  3072:EOBOLWXivHYMzv2HvP5YeBTEEP2831Vr/rF8QOSta7WeKwkB5fK4MmC896KA3wc+:EOp8HpzdQOStKpkB5fMZ2lJ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy