neshta | 33c66e1c4a3147221039e4db5a31feb85df2394e05a2edde7330b5649d2d2079 | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...a8.exe

windows7-x64

JaffaCakes...a8.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1a3eb25daf0b4a5ee8def409ac5efba8
Size

227KB
Sample

250123-xrwaeazkfx
MD5

1a3eb25daf0b4a5ee8def409ac5efba8
SHA1

6ee14f8aa9608d50110b0898754200a37e6f3a7a
SHA256

33c66e1c4a3147221039e4db5a31feb85df2394e05a2edde7330b5649d2d2079
SHA512

481bad6f3f06fec2da3e6263d5963df9ada6303e4a4142f70280a374d675a00664a3b7ac73bd573c3adb470efb76196ac69b4fff32fe3a6c8a9c18a930de368c
SSDEEP

3072:nr6W2wIcju6IIXlNPQmTh907Y6lP/8qkrHKSr85Cbcr6W2wIcju6pr85C:r6gI4u6lXnxh65QN9E6gI4u6F9

Score

10^/10

neshta ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_1a3eb25daf0b4a5ee8def409ac5efba8.exe

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1a3eb25daf0b4a5ee8def409ac5efba8.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_1a3eb25daf0b4a5ee8def409ac5efba8
- Size
  
  227KB
- MD5
  
  1a3eb25daf0b4a5ee8def409ac5efba8
- SHA1
  
  6ee14f8aa9608d50110b0898754200a37e6f3a7a
- SHA256
  
  33c66e1c4a3147221039e4db5a31feb85df2394e05a2edde7330b5649d2d2079
- SHA512
  
  481bad6f3f06fec2da3e6263d5963df9ada6303e4a4142f70280a374d675a00664a3b7ac73bd573c3adb470efb76196ac69b4fff32fe3a6c8a9c18a930de368c
- SSDEEP
  
  3072:nr6W2wIcju6IIXlNPQmTh907Y6lP/8qkrHKSr85Cbcr6W2wIcju6pr85C:r6gI4u6lXnxh65QN9E6gI4u6F9
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy