ramnit | 24d9f517a074616e4a1bb5f82ef0805d3413f5de507807ad70a9edb6ad396155 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

JaffaCakes...ff.exe

windows7-x64

JaffaCakes...ff.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_139d34db5a4dbc2d9e4b5afd50158eff
Size

157KB
Sample

250112-vekl2atjam
MD5

139d34db5a4dbc2d9e4b5afd50158eff
SHA1

d1c3582efd2a493487d086ef53a3811d17fa767c
SHA256

24d9f517a074616e4a1bb5f82ef0805d3413f5de507807ad70a9edb6ad396155
SHA512

bf032d51617ed68372a44f90f8d32fbb1488179e3ed33e0640522dd8c45746fb5d5ccd6ee1edad8e895991f8a3b62bc78d5b3794d161b570b2d69d56d08499c5
SSDEEP

3072:8r6W2wIcju6IIXlNPQmTh907Y6lP/8qkrHK5:g6gI4u6lXnxh65Qs

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_139d34db5a4dbc2d9e4b5afd50158eff.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_139d34db5a4dbc2d9e4b5afd50158eff.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_139d34db5a4dbc2d9e4b5afd50158eff
- Size
  
  157KB
- MD5
  
  139d34db5a4dbc2d9e4b5afd50158eff
- SHA1
  
  d1c3582efd2a493487d086ef53a3811d17fa767c
- SHA256
  
  24d9f517a074616e4a1bb5f82ef0805d3413f5de507807ad70a9edb6ad396155
- SHA512
  
  bf032d51617ed68372a44f90f8d32fbb1488179e3ed33e0640522dd8c45746fb5d5ccd6ee1edad8e895991f8a3b62bc78d5b3794d161b570b2d69d56d08499c5
- SSDEEP
  
  3072:8r6W2wIcju6IIXlNPQmTh907Y6lP/8qkrHK5:g6gI4u6lXnxh65Qs
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy