ramnit | c9267e7100d5ad11be8bed773e833b3486441a8bf52d347729916e22c05345f8 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...4d.dll

windows7-x64

JaffaCakes...4d.dll

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_43f2784b993ad29c4b3ab1d5d6852c4d
Size

152KB
Sample

250127-1kkf4sxjgm
MD5

43f2784b993ad29c4b3ab1d5d6852c4d
SHA1

f9cd5187929a5fab63c4669cfe3e311c56f5a8f6
SHA256

c9267e7100d5ad11be8bed773e833b3486441a8bf52d347729916e22c05345f8
SHA512

54d49ce6ac13da0f92892c5ecf62d1596bc02474294a80fa2073e3d7bb827177f2316aad561ba777889d3ac280f5eea9c3bfa1708880decde1a9fd48f0ceda23
SSDEEP

3072:QKkvGB5t2mbFyYVHcTR3O0Bolb213QRD9+EctUe:QKkvmzpJLmBolb213QlYrtUe

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_43f2784b993ad29c4b3ab1d5d6852c4d.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_43f2784b993ad29c4b3ab1d5d6852c4d.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_43f2784b993ad29c4b3ab1d5d6852c4d
- Size
  
  152KB
- MD5
  
  43f2784b993ad29c4b3ab1d5d6852c4d
- SHA1
  
  f9cd5187929a5fab63c4669cfe3e311c56f5a8f6
- SHA256
  
  c9267e7100d5ad11be8bed773e833b3486441a8bf52d347729916e22c05345f8
- SHA512
  
  54d49ce6ac13da0f92892c5ecf62d1596bc02474294a80fa2073e3d7bb827177f2316aad561ba777889d3ac280f5eea9c3bfa1708880decde1a9fd48f0ceda23
- SSDEEP
  
  3072:QKkvGB5t2mbFyYVHcTR3O0Bolb213QRD9+EctUe:QKkvmzpJLmBolb213QlYrtUe
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy