ramnit | 764d141e24f994631341dd9f9348b94ff1a9ab5ee4a04e84f8f387a867389860 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...fb.dll

windows7-x64

JaffaCakes...fb.dll

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_777a8cd4648f98ee2cf47dd48c8773fb
Size

284KB
Sample

250104-ehqpfssnhk
MD5

777a8cd4648f98ee2cf47dd48c8773fb
SHA1

31719bc4380c8ca160527e588b814f2e629bd9e1
SHA256

764d141e24f994631341dd9f9348b94ff1a9ab5ee4a04e84f8f387a867389860
SHA512

6adc516fabb1a16c080226de37a7beccf8a0a1bd2d67264eb7b267e025f0b39f1bfb560fbb3ee459dea0b6e5f2ac431ce427ca53337713e417962dd3d9b60de8
SSDEEP

3072:LLAQpz/3KT+IcwFRMQgRnJ5mw/G0jgVxBDCH7OgtBLfkajaAXjBjsPVHDJA6u8k+:vAYb++QzgRnrmIjm347FLfPFsVHDqj4d

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_777a8cd4648f98ee2cf47dd48c8773fb.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_777a8cd4648f98ee2cf47dd48c8773fb.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_777a8cd4648f98ee2cf47dd48c8773fb
- Size
  
  284KB
- MD5
  
  777a8cd4648f98ee2cf47dd48c8773fb
- SHA1
  
  31719bc4380c8ca160527e588b814f2e629bd9e1
- SHA256
  
  764d141e24f994631341dd9f9348b94ff1a9ab5ee4a04e84f8f387a867389860
- SHA512
  
  6adc516fabb1a16c080226de37a7beccf8a0a1bd2d67264eb7b267e025f0b39f1bfb560fbb3ee459dea0b6e5f2ac431ce427ca53337713e417962dd3d9b60de8
- SSDEEP
  
  3072:LLAQpz/3KT+IcwFRMQgRnJ5mw/G0jgVxBDCH7OgtBLfkajaAXjBjsPVHDJA6u8k+:vAYb++QzgRnrmIjm347FLfPFsVHDqj4d
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy