ramnit | fc68e2be2dc05d95e4500c0ba773f534a6c914e5cf1b357f1eb59a7d5759385d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

JaffaCakes...5d.exe

windows7-x64

JaffaCakes...5d.exe

windows10-2004-x64

7

Sharing

General

Target

JaffaCakes118_84ea7668b24bdc5a467a707b0a5ee45d
Size

280KB
Sample

250321-12g3ba1wht
MD5

84ea7668b24bdc5a467a707b0a5ee45d
SHA1

f29e008f0837207dd542099a3aeb335aa973f283
SHA256

fc68e2be2dc05d95e4500c0ba773f534a6c914e5cf1b357f1eb59a7d5759385d
SHA512

af6eafc874d11d8e3856daacfc25913340087ac1c6923306dae886b902704e43b6a6dd6ed7de806aef970d11572aa18c2b8b9506671e5d8bafd3d5858288b7e6
SSDEEP

6144:tM5sN58VIgR54KsA+UZI2hMU9StkcZFHz/FCcW2nWUUU:tMsQVFRKKsNWwUGk2FHMcWlUUU

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_84ea7668b24bdc5a467a707b0a5ee45d.exe

Resource

win7-20241023-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_84ea7668b24bdc5a467a707b0a5ee45d.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_84ea7668b24bdc5a467a707b0a5ee45d
- Size
  
  280KB
- MD5
  
  84ea7668b24bdc5a467a707b0a5ee45d
- SHA1
  
  f29e008f0837207dd542099a3aeb335aa973f283
- SHA256
  
  fc68e2be2dc05d95e4500c0ba773f534a6c914e5cf1b357f1eb59a7d5759385d
- SHA512
  
  af6eafc874d11d8e3856daacfc25913340087ac1c6923306dae886b902704e43b6a6dd6ed7de806aef970d11572aa18c2b8b9506671e5d8bafd3d5858288b7e6
- SSDEEP
  
  6144:tM5sN58VIgR54KsA+UZI2hMU9StkcZFHz/FCcW2nWUUU:tMsQVFRKKsNWwUGk2FHMcWlUUU
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy