ramnit | a002388a30c8e9d327ef04985f726fb0b1aa3f3753ba6c7a03b02a37b47b271d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

JaffaCakes...4f.exe

windows7-x64

JaffaCakes...4f.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_880f962877d62b5d8a1ff2da11fc8e4f
Size

103KB
Sample

250323-zcf82svsfx
MD5

880f962877d62b5d8a1ff2da11fc8e4f
SHA1

a02b4887c0f08515ed4bd49bbb3fa2615d82fe50
SHA256

a002388a30c8e9d327ef04985f726fb0b1aa3f3753ba6c7a03b02a37b47b271d
SHA512

b125a3478bb2a6e8f2c9c9a3b5f932f8837ce2604eedae1ec37dbbb7051d6550de96fc760da2bb39c4bd6a20a447fefb11e73c28c59892c034002d3f8a817178
SSDEEP

1536:aiaiUkIVa0vwZzRXk1OJjV5OcI/j6/ju2yjEoXJKXX0JSkRxWMSC7jGN:aTdkSa8usOxTBI/j6/aBI8uiSiZjG

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_880f962877d62b5d8a1ff2da11fc8e4f.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_880f962877d62b5d8a1ff2da11fc8e4f.exe

Resource

win10v2004-20250314-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_880f962877d62b5d8a1ff2da11fc8e4f
- Size
  
  103KB
- MD5
  
  880f962877d62b5d8a1ff2da11fc8e4f
- SHA1
  
  a02b4887c0f08515ed4bd49bbb3fa2615d82fe50
- SHA256
  
  a002388a30c8e9d327ef04985f726fb0b1aa3f3753ba6c7a03b02a37b47b271d
- SHA512
  
  b125a3478bb2a6e8f2c9c9a3b5f932f8837ce2604eedae1ec37dbbb7051d6550de96fc760da2bb39c4bd6a20a447fefb11e73c28c59892c034002d3f8a817178
- SSDEEP
  
  1536:aiaiUkIVa0vwZzRXk1OJjV5OcI/j6/ju2yjEoXJKXX0JSkRxWMSC7jGN:aTdkSa8usOxTBI/j6/aBI8uiSiZjG
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy