ramnit | 14998e155d5e864bddc45532be8365e5334fde9ab4641f480f30bcc06ef240bb | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...b2.exe

windows7-x64

JaffaCakes...b2.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_78987da8d1aaf683c037f4749bd1f4b2
Size

244KB
Sample

250104-jz262aspfj
MD5

78987da8d1aaf683c037f4749bd1f4b2
SHA1

d015546f354c92aec5770064a0e5f360b163cf04
SHA256

14998e155d5e864bddc45532be8365e5334fde9ab4641f480f30bcc06ef240bb
SHA512

6838f21b3638f0a59cf520484cec8e4a406f75c999bef2dcb18429772ddde42c75dcd09a298651e3701753b07ecdb0211247cd02c884ff9f347e211821cd0995
SSDEEP

3072:b1NmPQwuYgWKodgTkcqMVsdCroy/jRGK/kvtjXeafVWb4Jhf04kGWdRtmrnVrrTv:HGQwvd6IRIcyEKoh9Wf4kldUNrT++HJ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_78987da8d1aaf683c037f4749bd1f4b2.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_78987da8d1aaf683c037f4749bd1f4b2.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_78987da8d1aaf683c037f4749bd1f4b2
- Size
  
  244KB
- MD5
  
  78987da8d1aaf683c037f4749bd1f4b2
- SHA1
  
  d015546f354c92aec5770064a0e5f360b163cf04
- SHA256
  
  14998e155d5e864bddc45532be8365e5334fde9ab4641f480f30bcc06ef240bb
- SHA512
  
  6838f21b3638f0a59cf520484cec8e4a406f75c999bef2dcb18429772ddde42c75dcd09a298651e3701753b07ecdb0211247cd02c884ff9f347e211821cd0995
- SSDEEP
  
  3072:b1NmPQwuYgWKodgTkcqMVsdCroy/jRGK/kvtjXeafVWb4Jhf04kGWdRtmrnVrrTv:HGQwvd6IRIcyEKoh9Wf4kldUNrT++HJ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy