ramnit | 3970692c015ead66ca10d1ddaade28b6443ebcce61bd6c4b0e0539199fafe694 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...d0.dll

windows7-x64

JaffaCakes...d0.dll

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0
Size

192KB
Sample

250102-qyl7rawqgj
MD5

657f37ecdbc9d70b8ce51d4df759fad0
SHA1

2320fc625fa4a8ae9bc6d123fa6020de683cdaf1
SHA256

3970692c015ead66ca10d1ddaade28b6443ebcce61bd6c4b0e0539199fafe694
SHA512

eeebcac9823d3417e88124635a8c37a1648a797793eba42c2e3344641d5020482f16c7e524cdadd21af5a9764ced3444b59b8a3c8f5af7e27107e45eaf75a2d4
SSDEEP

3072:PiH19KnlblaCrQWODDZTuAjnJjqp/g2bzcijLvZ33X1vxDRvanoRmOl:qmlbDQWODDZgpdH1ZxmooOl

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0.dll

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_657f37ecdbc9d70b8ce51d4df759fad0
- Size
  
  192KB
- MD5
  
  657f37ecdbc9d70b8ce51d4df759fad0
- SHA1
  
  2320fc625fa4a8ae9bc6d123fa6020de683cdaf1
- SHA256
  
  3970692c015ead66ca10d1ddaade28b6443ebcce61bd6c4b0e0539199fafe694
- SHA512
  
  eeebcac9823d3417e88124635a8c37a1648a797793eba42c2e3344641d5020482f16c7e524cdadd21af5a9764ced3444b59b8a3c8f5af7e27107e45eaf75a2d4
- SSDEEP
  
  3072:PiH19KnlblaCrQWODDZTuAjnJjqp/g2bzcijLvZ33X1vxDRvanoRmOl:qmlbDQWODDZgpdH1ZxmooOl
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy