ramnit | 156a17ce1ad6e7b997ba3e0e4def9eb7e5c655462b76427ee95519bd7d808d30 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...47.exe

windows7-x64

JaffaCakes...47.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_11fe01a39a236f0e91a1f26875cdfd47
Size

176KB
Sample

250112-st7n1azqfr
MD5

11fe01a39a236f0e91a1f26875cdfd47
SHA1

19a7c0c39eee99d25fbbeecce5c2dc6f011438d1
SHA256

156a17ce1ad6e7b997ba3e0e4def9eb7e5c655462b76427ee95519bd7d808d30
SHA512

e6f879db8c85249f268d99b3bdd5dacfe7d86d3fa9c3715b9e65b5ca6e66350b12a4d5b380228f5a0d6213f89d715913b37ffe8fbc074c24567d54e40c745d37
SSDEEP

1536:KiaiUk2Va0vwZzRXk1OJjV5OcI/j6/ju2yjEoXJKXX0JSkRxWMSC7jGN0W:KTdkMa8usOxTBI/j6/aBI8uiSiZjGqW

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_11fe01a39a236f0e91a1f26875cdfd47.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_11fe01a39a236f0e91a1f26875cdfd47.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_11fe01a39a236f0e91a1f26875cdfd47
- Size
  
  176KB
- MD5
  
  11fe01a39a236f0e91a1f26875cdfd47
- SHA1
  
  19a7c0c39eee99d25fbbeecce5c2dc6f011438d1
- SHA256
  
  156a17ce1ad6e7b997ba3e0e4def9eb7e5c655462b76427ee95519bd7d808d30
- SHA512
  
  e6f879db8c85249f268d99b3bdd5dacfe7d86d3fa9c3715b9e65b5ca6e66350b12a4d5b380228f5a0d6213f89d715913b37ffe8fbc074c24567d54e40c745d37
- SSDEEP
  
  1536:KiaiUk2Va0vwZzRXk1OJjV5OcI/j6/ju2yjEoXJKXX0JSkRxWMSC7jGN0W:KTdkMa8usOxTBI/j6/aBI8uiSiZjGqW
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy