ramnit | b3351f60cbb7dff9684cd668e90d084eac4fd670f87dd08a1b738b604d521377 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...60.dll

windows7-x64

JaffaCakes...60.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_432372863c7aa90b44f17dc294e40b60
Size

126KB
Sample

250101-ce8dzsspbq
MD5

432372863c7aa90b44f17dc294e40b60
SHA1

de1690809e9654c721000f4565b419c3f96d7a54
SHA256

b3351f60cbb7dff9684cd668e90d084eac4fd670f87dd08a1b738b604d521377
SHA512

9dd55712c1bcba5dd6245409b7504b774bb0645e00af54ccb1d820e84cc7b487517f5e5cb046b528daf9260fb1228dcc15666b0fa888a8097d13587341f274fd
SSDEEP

1536:lmXdu9dDxwwhPuBw4DhQ5gFIoXbFMFSFPsOwW/AvcXBFWC21k/:w4bhPuBwUSgqQblF3YcxFt21G

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_432372863c7aa90b44f17dc294e40b60.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_432372863c7aa90b44f17dc294e40b60.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_432372863c7aa90b44f17dc294e40b60
- Size
  
  126KB
- MD5
  
  432372863c7aa90b44f17dc294e40b60
- SHA1
  
  de1690809e9654c721000f4565b419c3f96d7a54
- SHA256
  
  b3351f60cbb7dff9684cd668e90d084eac4fd670f87dd08a1b738b604d521377
- SHA512
  
  9dd55712c1bcba5dd6245409b7504b774bb0645e00af54ccb1d820e84cc7b487517f5e5cb046b528daf9260fb1228dcc15666b0fa888a8097d13587341f274fd
- SSDEEP
  
  1536:lmXdu9dDxwwhPuBw4DhQ5gFIoXbFMFSFPsOwW/AvcXBFWC21k/:w4bhPuBwUSgqQblF3YcxFt21G
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy