ramnit | f0f364f798433f5fac3860e0fbd7c677fca2e1456047aaa833d5cf62efaf3964 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...50.dll

windows7-x64

7

JaffaCakes...50.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_6d2dc95790b6ae2a2eb5d6fc6afe6e50
Size

218KB
Sample

250103-rfaxfa1kan
MD5

6d2dc95790b6ae2a2eb5d6fc6afe6e50
SHA1

f97de6b1c643608b699034db23ec46ea328d4bb5
SHA256

f0f364f798433f5fac3860e0fbd7c677fca2e1456047aaa833d5cf62efaf3964
SHA512

6b6ddc04cadf53007074a195e1633eb40686dfe0560737395e6f031d27124283c4dcfa74659bc8264ec33775bd8978a54fd522c631bcddd61ef0aa02c6e2a7ae
SSDEEP

6144:7lS5j1qQ2CPtogTym7nWqTVor7m+hbCxYE:7lFJC2gtnWqJoPn+l

Score

10^/10

ramnit banker discovery evasion spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_6d2dc95790b6ae2a2eb5d6fc6afe6e50.dll

Resource

win7-20241010-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_6d2dc95790b6ae2a2eb5d6fc6afe6e50.dll

Resource

win10v2004-20241007-en

ramnit banker discovery evasion spyware stealer trojan upx worm

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_6d2dc95790b6ae2a2eb5d6fc6afe6e50
- Size
  
  218KB
- MD5
  
  6d2dc95790b6ae2a2eb5d6fc6afe6e50
- SHA1
  
  f97de6b1c643608b699034db23ec46ea328d4bb5
- SHA256
  
  f0f364f798433f5fac3860e0fbd7c677fca2e1456047aaa833d5cf62efaf3964
- SHA512
  
  6b6ddc04cadf53007074a195e1633eb40686dfe0560737395e6f031d27124283c4dcfa74659bc8264ec33775bd8978a54fd522c631bcddd61ef0aa02c6e2a7ae
- SSDEEP
  
  6144:7lS5j1qQ2CPtogTym7nWqTVor7m+hbCxYE:7lFJC2gtnWqJoPn+l
Score

10^/10

discovery ramnit banker evasion spyware stealer trojan upx worm
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryevasionspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy