ramnit | ecd81b5113d95ea043331b290a44f845b25b6185262f0dfd6e0b0cf700bad4a0 | Triage

Submit
Reports

Overview

overview

Static

static

3

1f4a8ce347...18.dll

windows7-x64

7

1f4a8ce347...18.dll

windows10-2004-x64

Sharing

General

Target

1f4a8ce3472329af35e709ad19929cd2_JaffaCakes118
Size

328KB
Sample

240702-pemtha1fqe
MD5

1f4a8ce3472329af35e709ad19929cd2
SHA1

aeea8d4b89484267a415101037afaae5a52b027b
SHA256

ecd81b5113d95ea043331b290a44f845b25b6185262f0dfd6e0b0cf700bad4a0
SHA512

1872303e8783e0e17ffc9518143e8fe131e156ddd1ecd8c64bcd32c087a16fac7811e2f0cdfb56e63f1c77e84eb3145c30c40a5aae4933634dad9f4c88e26cc2
SSDEEP

6144:AxGMku94XCzTurXzURlbDC9K69u2m+SqOWcsQQKiY4leDDGoggH/VREG6j4Gm01U:AxGCOXzURlbDC9K69u2m+SqOWcsQQKic

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1f4a8ce3472329af35e709ad19929cd2_JaffaCakes118.dll

Resource

win7-20240220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f4a8ce3472329af35e709ad19929cd2_JaffaCakes118.dll

Resource

win10v2004-20240611-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  1f4a8ce3472329af35e709ad19929cd2_JaffaCakes118
- Size
  
  328KB
- MD5
  
  1f4a8ce3472329af35e709ad19929cd2
- SHA1
  
  aeea8d4b89484267a415101037afaae5a52b027b
- SHA256
  
  ecd81b5113d95ea043331b290a44f845b25b6185262f0dfd6e0b0cf700bad4a0
- SHA512
  
  1872303e8783e0e17ffc9518143e8fe131e156ddd1ecd8c64bcd32c087a16fac7811e2f0cdfb56e63f1c77e84eb3145c30c40a5aae4933634dad9f4c88e26cc2
- SSDEEP
  
  6144:AxGMku94XCzTurXzURlbDC9K69u2m+SqOWcsQQKiY4leDDGoggH/VREG6j4Gm01U:AxGCOXzURlbDC9K69u2m+SqOWcsQQKic
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy