ramnit | 9c79051f4ff7ef6b62b93e2534658e873da248b3eb157ec7f58b435567ca3e0a | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...e0.dll

windows7-x64

JaffaCakes...e0.dll

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_77fd32df1f107d7323557779f2f7d4e0
Size

748KB
Sample

250104-gg3zhaxmdn
MD5

77fd32df1f107d7323557779f2f7d4e0
SHA1

6f9e7a716568a9a03a1b52422d2e725b4a21fa22
SHA256

9c79051f4ff7ef6b62b93e2534658e873da248b3eb157ec7f58b435567ca3e0a
SHA512

560304bb75c6d12e4a5848df48cceba03ebfec5197d2b7c4ea35754dfcb0936da14f29008243197411827b4f18ce2dcd3138c9ad2e3afbe7423ec2331910024c
SSDEEP

12288:+Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeCYT9rr1YrqILm:+Ui2C1JdoiEdmGyYuDRrZYBLm

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_77fd32df1f107d7323557779f2f7d4e0.dll

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_77fd32df1f107d7323557779f2f7d4e0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_77fd32df1f107d7323557779f2f7d4e0
- Size
  
  748KB
- MD5
  
  77fd32df1f107d7323557779f2f7d4e0
- SHA1
  
  6f9e7a716568a9a03a1b52422d2e725b4a21fa22
- SHA256
  
  9c79051f4ff7ef6b62b93e2534658e873da248b3eb157ec7f58b435567ca3e0a
- SHA512
  
  560304bb75c6d12e4a5848df48cceba03ebfec5197d2b7c4ea35754dfcb0936da14f29008243197411827b4f18ce2dcd3138c9ad2e3afbe7423ec2331910024c
- SSDEEP
  
  12288:+Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeCYT9rr1YrqILm:+Ui2C1JdoiEdmGyYuDRrZYBLm
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy