ramnit | 5aed5430766c5bdad20c300955473248497d50646bd4ac56e1d3b6c6e54be46b | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...40.dll

windows7-x64

JaffaCakes...40.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_6a59d9731e4a47cb0428e149c835dc40
Size

220KB
Sample

250103-fje5sazpcx
MD5

6a59d9731e4a47cb0428e149c835dc40
SHA1

c7fc2ffb906d43e54060239d272c04ffb85666a0
SHA256

5aed5430766c5bdad20c300955473248497d50646bd4ac56e1d3b6c6e54be46b
SHA512

693050b556978d26ad151e4ad23ed55a2b572f5fbfaffa583c95cded82dd7cedd2c55aa2ebeecd2a220672852eafe75ac47ea2e56019a11423999e655467e928
SSDEEP

3072:YFo63IvP2/48lOFoh8xwk6ISc1neJ0rBFBByidL20Sp/FG51JOFgowUt5wXR:YFlQvwYnimB5D20e/FuJEwUT0R

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_6a59d9731e4a47cb0428e149c835dc40.dll

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_6a59d9731e4a47cb0428e149c835dc40.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_6a59d9731e4a47cb0428e149c835dc40
- Size
  
  220KB
- MD5
  
  6a59d9731e4a47cb0428e149c835dc40
- SHA1
  
  c7fc2ffb906d43e54060239d272c04ffb85666a0
- SHA256
  
  5aed5430766c5bdad20c300955473248497d50646bd4ac56e1d3b6c6e54be46b
- SHA512
  
  693050b556978d26ad151e4ad23ed55a2b572f5fbfaffa583c95cded82dd7cedd2c55aa2ebeecd2a220672852eafe75ac47ea2e56019a11423999e655467e928
- SSDEEP
  
  3072:YFo63IvP2/48lOFoh8xwk6ISc1neJ0rBFBByidL20Sp/FG51JOFgowUt5wXR:YFlQvwYnimB5D20e/FuJEwUT0R
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy