ramnit | 18f7f242adda93ed24ef888b33932124970cff5b6a3fba1d6ab6ac6c247c74a2 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...2a.dll

windows7-x64

JaffaCakes...2a.dll

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_45c57c5b507b4606e97075a822387b2a
Size

697KB
Sample

250128-cjzyeatlfz
MD5

45c57c5b507b4606e97075a822387b2a
SHA1

02bb822134fcfdcd178dd6d36c324104f23de1aa
SHA256

18f7f242adda93ed24ef888b33932124970cff5b6a3fba1d6ab6ac6c247c74a2
SHA512

0999d3904c1f7abadb4aa0107007c236d953658eecbc90020721cd9b5b118b856babd9cc8fe0beadb265534e40b57a09901c89eab6f0f0dead05c4b4d379717f
SSDEEP

12288:0hJDUanWzEp4226DQA1p6eH4hurcMY9K5opGkh9GXxAv+MnGKCdlGJou6fERxRCp:0hhBWzEp4yDQA1p6eYhugNo5d42Ov+M7

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_45c57c5b507b4606e97075a822387b2a.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_45c57c5b507b4606e97075a822387b2a.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_45c57c5b507b4606e97075a822387b2a
- Size
  
  697KB
- MD5
  
  45c57c5b507b4606e97075a822387b2a
- SHA1
  
  02bb822134fcfdcd178dd6d36c324104f23de1aa
- SHA256
  
  18f7f242adda93ed24ef888b33932124970cff5b6a3fba1d6ab6ac6c247c74a2
- SHA512
  
  0999d3904c1f7abadb4aa0107007c236d953658eecbc90020721cd9b5b118b856babd9cc8fe0beadb265534e40b57a09901c89eab6f0f0dead05c4b4d379717f
- SSDEEP
  
  12288:0hJDUanWzEp4226DQA1p6eH4hurcMY9K5opGkh9GXxAv+MnGKCdlGJou6fERxRCp:0hhBWzEp4yDQA1p6eYhugNo5d42Ov+M7
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy