ramnit | 4afafaefd3c68af66908e21a3dcc5a6ca02ca6fee6312eb170b49351345468f7 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...01.dll

windows7-x64

JaffaCakes...01.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_49f735aee20ed58633584ac45983c301
Size

466KB
Sample

250101-gwdm6axjaz
MD5

49f735aee20ed58633584ac45983c301
SHA1

92c2fe65f48b45b7980c1dcf3b575424c0b70ce8
SHA256

4afafaefd3c68af66908e21a3dcc5a6ca02ca6fee6312eb170b49351345468f7
SHA512

0cafc36d0214c46e5e1688776e3f4b402af854c01e2783b16bf678a1b2a821f229c360f30dc9ce3ada9da98e2bb80579222a935d05771c2ab698ec533847223e
SSDEEP

6144:o3BXPF1135OCy9MqXqDkOMLVOVibgPomnCdAO2Y79vmp42YggElihx1BO9z0OYYp:oBFP3ELR6MROkbgPZnYp9GihziADYp

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_49f735aee20ed58633584ac45983c301.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_49f735aee20ed58633584ac45983c301.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_49f735aee20ed58633584ac45983c301
- Size
  
  466KB
- MD5
  
  49f735aee20ed58633584ac45983c301
- SHA1
  
  92c2fe65f48b45b7980c1dcf3b575424c0b70ce8
- SHA256
  
  4afafaefd3c68af66908e21a3dcc5a6ca02ca6fee6312eb170b49351345468f7
- SHA512
  
  0cafc36d0214c46e5e1688776e3f4b402af854c01e2783b16bf678a1b2a821f229c360f30dc9ce3ada9da98e2bb80579222a935d05771c2ab698ec533847223e
- SSDEEP
  
  6144:o3BXPF1135OCy9MqXqDkOMLVOVibgPomnCdAO2Y79vmp42YggElihx1BO9z0OYYp:oBFP3ELR6MROkbgPZnYp9GihziADYp
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy