ramnit | f766cbd8564026033e984d122f424371ca8963c3a7972409dd7ed59a52f5bb74 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...10.exe

windows7-x64

JaffaCakes...10.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_45ee1a36449171fb2abb41a4ecc38a10
Size

178KB
Sample

250101-eaebfstle1
MD5

45ee1a36449171fb2abb41a4ecc38a10
SHA1

af4e344281980bbac2c1cbb191df663bd55fb232
SHA256

f766cbd8564026033e984d122f424371ca8963c3a7972409dd7ed59a52f5bb74
SHA512

d661f1ea0a4a26cbd9b786e24baf6d7c3de005c0c2bb5773b127ae0e9cbb3ad16adf30e542023122a4af97687e6715487e291bf2581142eed35fe0b7dbea25a2
SSDEEP

3072:akAwOzhjdRmSZiAqFbrnp+KsYGngDrSsi5LNURwM/0j4IJqmxOilu+jGvCsfe4mS:+w8h/7PCkKsYGgDrS1L2wDMIgmxBuKM7

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_45ee1a36449171fb2abb41a4ecc38a10.exe

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_45ee1a36449171fb2abb41a4ecc38a10.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_45ee1a36449171fb2abb41a4ecc38a10
- Size
  
  178KB
- MD5
  
  45ee1a36449171fb2abb41a4ecc38a10
- SHA1
  
  af4e344281980bbac2c1cbb191df663bd55fb232
- SHA256
  
  f766cbd8564026033e984d122f424371ca8963c3a7972409dd7ed59a52f5bb74
- SHA512
  
  d661f1ea0a4a26cbd9b786e24baf6d7c3de005c0c2bb5773b127ae0e9cbb3ad16adf30e542023122a4af97687e6715487e291bf2581142eed35fe0b7dbea25a2
- SSDEEP
  
  3072:akAwOzhjdRmSZiAqFbrnp+KsYGngDrSsi5LNURwM/0j4IJqmxOilu+jGvCsfe4mS:+w8h/7PCkKsYGgDrS1L2wDMIgmxBuKM7
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy