ramnit | 7febffaa7650c9fee595f5385f52c916999a7cd286b6bd962e5fcf381a2c1af0 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...4e.exe

windows7-x64

JaffaCakes...4e.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_26f89a4bdb6f16fcd431015d59b1334e
Size

176KB
Sample

250125-bl52rsxqht
MD5

26f89a4bdb6f16fcd431015d59b1334e
SHA1

a422c2c888f52bb95681b184e24844bb2f945cc9
SHA256

7febffaa7650c9fee595f5385f52c916999a7cd286b6bd962e5fcf381a2c1af0
SHA512

78954e06f880376c77266654b8cb430988b2d00b61441312050471b008703d4e216838942bbdf279bcef3dc0f9b4e6792d407c8a0e4b221069b4fe96653337da
SSDEEP

3072:GJLrp0cQ7QAINqPDHQncySAq6lZkJoOPs/XOcxDMMwsIR1OCMc907frG5:KLO7QAISySAWaKs/rNwsIRQCMc9X5

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_26f89a4bdb6f16fcd431015d59b1334e.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_26f89a4bdb6f16fcd431015d59b1334e.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_26f89a4bdb6f16fcd431015d59b1334e
- Size
  
  176KB
- MD5
  
  26f89a4bdb6f16fcd431015d59b1334e
- SHA1
  
  a422c2c888f52bb95681b184e24844bb2f945cc9
- SHA256
  
  7febffaa7650c9fee595f5385f52c916999a7cd286b6bd962e5fcf381a2c1af0
- SHA512
  
  78954e06f880376c77266654b8cb430988b2d00b61441312050471b008703d4e216838942bbdf279bcef3dc0f9b4e6792d407c8a0e4b221069b4fe96653337da
- SSDEEP
  
  3072:GJLrp0cQ7QAINqPDHQncySAq6lZkJoOPs/XOcxDMMwsIR1OCMc907frG5:KLO7QAISySAWaKs/rNwsIRQCMc9X5
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy