ramnit | 561afbc84af7b362c1d90959ea065553f0208e8853a3a600416fb6e861e8544b | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...80.dll

windows7-x64

JaffaCakes...80.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_4660c704efb5980daebbf4210513bf80
Size

1016KB
Sample

250101-ekh3dswpdj
MD5

4660c704efb5980daebbf4210513bf80
SHA1

1fc721a624c106686d5713030963f484106fab82
SHA256

561afbc84af7b362c1d90959ea065553f0208e8853a3a600416fb6e861e8544b
SHA512

e7cfaaa5e7d52fff9af934006a6b33c2a5d7ee9d7a58af9bc4b175afdb939bde63e98047da7cb457727af2a0231ec98f98aaf5248c2c76734a5d54e1efbe9f08
SSDEEP

24576:3SkBoSUz+KEfWfMYeTc6e/lw/TikzSAPObmBXPuFVQ6HCSLN7F:CkB4E+pkWkTikzSAPOb4XP87LX

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_4660c704efb5980daebbf4210513bf80.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_4660c704efb5980daebbf4210513bf80.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_4660c704efb5980daebbf4210513bf80
- Size
  
  1016KB
- MD5
  
  4660c704efb5980daebbf4210513bf80
- SHA1
  
  1fc721a624c106686d5713030963f484106fab82
- SHA256
  
  561afbc84af7b362c1d90959ea065553f0208e8853a3a600416fb6e861e8544b
- SHA512
  
  e7cfaaa5e7d52fff9af934006a6b33c2a5d7ee9d7a58af9bc4b175afdb939bde63e98047da7cb457727af2a0231ec98f98aaf5248c2c76734a5d54e1efbe9f08
- SSDEEP
  
  24576:3SkBoSUz+KEfWfMYeTc6e/lw/TikzSAPObmBXPuFVQ6HCSLN7F:CkB4E+pkWkTikzSAPOb4XP87LX
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy