ramnit | 91ab742055bde771f6d7246706855f6cc0d8ad18f39ea5fdc03f55e92a8e9ff9 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...70.exe

windows7-x64

JaffaCakes...70.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_77b7ada0030fcf0fbb3a8e4bc210c970
Size

382KB
Sample

250104-fe8ljavmfr
MD5

77b7ada0030fcf0fbb3a8e4bc210c970
SHA1

f1bf2de7f6b29ba7eb3d4037ee83f35c74a389f2
SHA256

91ab742055bde771f6d7246706855f6cc0d8ad18f39ea5fdc03f55e92a8e9ff9
SHA512

29c62e154bb3ecfa9ae04e871458b6cddcd2b8883ce291b9296efe8eabf0ecdd6e97e7bd2481795dd9b7225a3207bda1c3e96719742ae21f058d6a99457cc4c1
SSDEEP

3072:qfzOOrUZpRROBeiouEDfS2mzsEdVd2Je2JZISZxGCvCIK7MVmijuQYsOeT3HLe5:AzOiBenfyXd2JR8SZxGCaIG6Y3E3H

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_77b7ada0030fcf0fbb3a8e4bc210c970.exe

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_77b7ada0030fcf0fbb3a8e4bc210c970.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_77b7ada0030fcf0fbb3a8e4bc210c970
- Size
  
  382KB
- MD5
  
  77b7ada0030fcf0fbb3a8e4bc210c970
- SHA1
  
  f1bf2de7f6b29ba7eb3d4037ee83f35c74a389f2
- SHA256
  
  91ab742055bde771f6d7246706855f6cc0d8ad18f39ea5fdc03f55e92a8e9ff9
- SHA512
  
  29c62e154bb3ecfa9ae04e871458b6cddcd2b8883ce291b9296efe8eabf0ecdd6e97e7bd2481795dd9b7225a3207bda1c3e96719742ae21f058d6a99457cc4c1
- SSDEEP
  
  3072:qfzOOrUZpRROBeiouEDfS2mzsEdVd2Je2JZISZxGCvCIK7MVmijuQYsOeT3HLe5:AzOiBenfyXd2JR8SZxGCaIG6Y3E3H
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy