ramnit | 9b0363074d3f317c658bcc46976f19e970f4f83c0b773b963963b90f1cf78460 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...fa.dll

windows7-x64

JaffaCakes...fa.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_65872ef017c824102aa43cdd18621afa
Size

96KB
Sample

250102-q3d2yawrhk
MD5

65872ef017c824102aa43cdd18621afa
SHA1

13ad67a031b0e8ad39d01d987f16e545a8fbe26c
SHA256

9b0363074d3f317c658bcc46976f19e970f4f83c0b773b963963b90f1cf78460
SHA512

bb531f0476572c70bd9dc6288c415444d89ae354c379dde59e64fbc677970050cccbe22c091b73774e761e386eaf595df368ddcd895b8cb1084a56e99f20d699
SSDEEP

1536:AibToqp78Cc2KGv7kThAtlojhGTIPg7GmOzZDujk7Mq8wLJATKeQ2:AibTTp78CcGv7kWtmjhGTIaOzZ4k7Mqw

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_65872ef017c824102aa43cdd18621afa.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_65872ef017c824102aa43cdd18621afa.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_65872ef017c824102aa43cdd18621afa
- Size
  
  96KB
- MD5
  
  65872ef017c824102aa43cdd18621afa
- SHA1
  
  13ad67a031b0e8ad39d01d987f16e545a8fbe26c
- SHA256
  
  9b0363074d3f317c658bcc46976f19e970f4f83c0b773b963963b90f1cf78460
- SHA512
  
  bb531f0476572c70bd9dc6288c415444d89ae354c379dde59e64fbc677970050cccbe22c091b73774e761e386eaf595df368ddcd895b8cb1084a56e99f20d699
- SSDEEP
  
  1536:AibToqp78Cc2KGv7kThAtlojhGTIPg7GmOzZDujk7Mq8wLJATKeQ2:AibTTp78CcGv7kWtmjhGTIaOzZ4k7Mqw
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy