ramnit

General

Target

JaffaCakes118_7995a05fe95df572420c0dbdf1e03c98
Size

4.6MB
Sample

250104-n72bxsylav
MD5

7995a05fe95df572420c0dbdf1e03c98
SHA1

afb7acacc6a3b2a254bba7e4e5e7530e73dbc7fb
SHA256

a50191a2537cf898e66952dff4ed64e40fc7e6a461ae602a94b0b91762ae58aa
SHA512

5f9ecb2588343648af2eab61e6bc83d75a17ea524da8cf45eed49793023fa2fb3c58c906465f520c42374029f88cd4348b6e527e8f30bf63d80da00b055b0952
SSDEEP

98304:B0sGbip3QG9Lvx27sp+BSNnUYueile4vU:rBnAM

Score

10^/10

Malware Config

Targets

- Target
  
  JaffaCakes118_7995a05fe95df572420c0dbdf1e03c98
- Size
  
  4.6MB
- MD5
  
  7995a05fe95df572420c0dbdf1e03c98
- SHA1
  
  afb7acacc6a3b2a254bba7e4e5e7530e73dbc7fb
- SHA256
  
  a50191a2537cf898e66952dff4ed64e40fc7e6a461ae602a94b0b91762ae58aa
- SHA512
  
  5f9ecb2588343648af2eab61e6bc83d75a17ea524da8cf45eed49793023fa2fb3c58c906465f520c42374029f88cd4348b6e527e8f30bf63d80da00b055b0952
- SSDEEP
  
  98304:B0sGbip3QG9Lvx27sp+BSNnUYueile4vU:rBnAM
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2