ramnit | 8763a70a9ceb59476b2c50b3389e308671ec49df0337b9693fac3ac014e6bb74 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...a9.exe

windows7-x64

3

JaffaCakes...a9.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_7bca0ce39fe5034c879ddf2b8e43aca9
Size

190KB
Sample

250104-z3kzxsxnhv
MD5

7bca0ce39fe5034c879ddf2b8e43aca9
SHA1

6e1ece7ba9fe2436ac27dfe4eb78b6ef6d9ff707
SHA256

8763a70a9ceb59476b2c50b3389e308671ec49df0337b9693fac3ac014e6bb74
SHA512

595f2ef26a7f54b5bfbdc2869510f88e51bc59360964dc0d3b30be9de0e74bcfe33d56a76f98ef11f154d4d43afd7de3faf81374b9997ec6628257ecca0184a5
SSDEEP

3072:VnxwgxgfR/DVG7wBpE/N40MLdjQbUHVzmAwb7fkGdFC+Wrzt1G7:N+xDVG0Bp4uddHV6bjFWft1Q

Score

10^/10

ramnit banker discovery evasion spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_7bca0ce39fe5034c879ddf2b8e43aca9.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_7bca0ce39fe5034c879ddf2b8e43aca9.exe

Resource

win10v2004-20241007-en

ramnit banker discovery evasion spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_7bca0ce39fe5034c879ddf2b8e43aca9
- Size
  
  190KB
- MD5
  
  7bca0ce39fe5034c879ddf2b8e43aca9
- SHA1
  
  6e1ece7ba9fe2436ac27dfe4eb78b6ef6d9ff707
- SHA256
  
  8763a70a9ceb59476b2c50b3389e308671ec49df0337b9693fac3ac014e6bb74
- SHA512
  
  595f2ef26a7f54b5bfbdc2869510f88e51bc59360964dc0d3b30be9de0e74bcfe33d56a76f98ef11f154d4d43afd7de3faf81374b9997ec6628257ecca0184a5
- SSDEEP
  
  3072:VnxwgxgfR/DVG7wBpE/N40MLdjQbUHVzmAwb7fkGdFC+Wrzt1G7:N+xDVG0Bp4uddHV6bjFWft1Q
Score

10^/10

discovery ramnit banker evasion spyware stealer trojan upx worm
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryevasionspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy