ramnit

General

Target

JaffaCakes118_5220cac3053fb6ba12c133139f8101a3
Size

157KB
Sample

250129-ds1fzaslej
MD5

5220cac3053fb6ba12c133139f8101a3
SHA1

8664551f2182c0c27c5c6143683f924c55edbe88
SHA256

6e135eba72c1258dd7ccf170cf094c8c3fca5781e03c2caacc9b455ab5cd7607
SHA512

06d212d7a69120245503eeefa82c174f66f458d2f594eba613fca017532ede964fbd751aeb3234cca5d0e698c8cac8bd1a393de96f898dade7b46181f3480c33
SSDEEP

3072:TBKwcvdwuxdWikJTkct6FZkGNKCWux1OUD4854cotIhTiA0ChGfvhWTbQ:TBKwcvdn2JtY2s0uDOUD4bc7iA0CKhWQ

Score

10^/10

Malware Config

Targets

- Target
  
  JaffaCakes118_5220cac3053fb6ba12c133139f8101a3
- Size
  
  157KB
- MD5
  
  5220cac3053fb6ba12c133139f8101a3
- SHA1
  
  8664551f2182c0c27c5c6143683f924c55edbe88
- SHA256
  
  6e135eba72c1258dd7ccf170cf094c8c3fca5781e03c2caacc9b455ab5cd7607
- SHA512
  
  06d212d7a69120245503eeefa82c174f66f458d2f594eba613fca017532ede964fbd751aeb3234cca5d0e698c8cac8bd1a393de96f898dade7b46181f3480c33
- SSDEEP
  
  3072:TBKwcvdwuxdWikJTkct6FZkGNKCWux1OUD4854cotIhTiA0ChGfvhWTbQ:TBKwcvdn2JtY2s0uDOUD4bc7iA0CKhWQ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2