ramnit | 16f18bdea5e203a5a637a3584c77dd7d055924cee6b61811cb733bba306bb325 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...4f.dll

windows7-x64

JaffaCakes...4f.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1a9492f56e3429e271925cce52bf2f4f
Size

248KB
Sample

250123-yj6xlssnhn
MD5

1a9492f56e3429e271925cce52bf2f4f
SHA1

c718cb1abe07840efddc437ea4e585617c33805a
SHA256

16f18bdea5e203a5a637a3584c77dd7d055924cee6b61811cb733bba306bb325
SHA512

18b3317e925530fb97ce6886a86e1ba56ca0bb74058df0aae64110b09ad969fe7e26c07d745d07ce86f0cd4ebdd280eb96d3c9baebfd05591c58ddc1cb3bb477
SSDEEP

6144:BYD4f9UAwELp+NBOuABp/uwUISVL1gx2uj:GD4aAJ++uADYIKLGUuj

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_1a9492f56e3429e271925cce52bf2f4f.dll

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1a9492f56e3429e271925cce52bf2f4f.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_1a9492f56e3429e271925cce52bf2f4f
- Size
  
  248KB
- MD5
  
  1a9492f56e3429e271925cce52bf2f4f
- SHA1
  
  c718cb1abe07840efddc437ea4e585617c33805a
- SHA256
  
  16f18bdea5e203a5a637a3584c77dd7d055924cee6b61811cb733bba306bb325
- SHA512
  
  18b3317e925530fb97ce6886a86e1ba56ca0bb74058df0aae64110b09ad969fe7e26c07d745d07ce86f0cd4ebdd280eb96d3c9baebfd05591c58ddc1cb3bb477
- SSDEEP
  
  6144:BYD4f9UAwELp+NBOuABp/uwUISVL1gx2uj:GD4aAJ++uADYIKLGUuj
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy