ramnit | f45e8dd85f4112fe77e5a04b56bbb59b84562bc856671837f6263fec7ee9c95d | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...b4.exe

windows7-x64

JaffaCakes...b4.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_044751d735882d2bf61d815c634830b4
Size

244KB
Sample

241231-ew2c4stphk
MD5

044751d735882d2bf61d815c634830b4
SHA1

0cb422d72667fded28816fbf1bd528769f6af6cc
SHA256

f45e8dd85f4112fe77e5a04b56bbb59b84562bc856671837f6263fec7ee9c95d
SHA512

cd4b37ec83f3d8a3550d29db2c1593df66944868bd4fae837c14c8c7d216279c89aaadf702350842b5fd44693a6c2d077d916db1703ff975e920f2d48db37a1f
SSDEEP

3072:XqPL1/7w6ZAs+VBKendp2CBF+7HyuizTkriXt4tDAGkEj90lZjxM5X8NQi1Jr7g0:YQVZnX2CWHhizTacSAlEZeM5XriQN7y

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_044751d735882d2bf61d815c634830b4.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_044751d735882d2bf61d815c634830b4.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_044751d735882d2bf61d815c634830b4
- Size
  
  244KB
- MD5
  
  044751d735882d2bf61d815c634830b4
- SHA1
  
  0cb422d72667fded28816fbf1bd528769f6af6cc
- SHA256
  
  f45e8dd85f4112fe77e5a04b56bbb59b84562bc856671837f6263fec7ee9c95d
- SHA512
  
  cd4b37ec83f3d8a3550d29db2c1593df66944868bd4fae837c14c8c7d216279c89aaadf702350842b5fd44693a6c2d077d916db1703ff975e920f2d48db37a1f
- SSDEEP
  
  3072:XqPL1/7w6ZAs+VBKendp2CBF+7HyuizTkriXt4tDAGkEj90lZjxM5X8NQi1Jr7g0:YQVZnX2CWHhizTacSAlEZeM5XriQN7y
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy