ramnit | 2a525a8a3b300a910e7b7a299507b1c98475a83c287eaf63306b58be746cfe8a | Triage

Submit
Reports

Overview

overview

Static

static

3

1d54f35544...18.dll

windows7-x64

7

1d54f35544...18.dll

windows10-2004-x64

Sharing

General

Target

1d54f355443e007d74c1683b850e3d72_JaffaCakes118
Size

240KB
Sample

240702-y9kr3asamm
MD5

1d54f355443e007d74c1683b850e3d72
SHA1

8e220a9fb5ed2a3a2630e18ed01080462bc89773
SHA256

2a525a8a3b300a910e7b7a299507b1c98475a83c287eaf63306b58be746cfe8a
SHA512

56ab1a1989f86a9f941c5bc549beb03efb9df6255fed4a573215590b06482b568ddcf5273e74f6b41b5a04ee07d802e14d3bd98457712f867f662e1c392548de
SSDEEP

6144:8EtG6z3QZ9/9asHWO9uILx1F7RoGw8SdLJ:JFTs9/95uMx1F7RmT

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d54f355443e007d74c1683b850e3d72_JaffaCakes118.dll

Resource

win7-20240508-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d54f355443e007d74c1683b850e3d72_JaffaCakes118.dll

Resource

win10v2004-20240508-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  1d54f355443e007d74c1683b850e3d72_JaffaCakes118
- Size
  
  240KB
- MD5
  
  1d54f355443e007d74c1683b850e3d72
- SHA1
  
  8e220a9fb5ed2a3a2630e18ed01080462bc89773
- SHA256
  
  2a525a8a3b300a910e7b7a299507b1c98475a83c287eaf63306b58be746cfe8a
- SHA512
  
  56ab1a1989f86a9f941c5bc549beb03efb9df6255fed4a573215590b06482b568ddcf5273e74f6b41b5a04ee07d802e14d3bd98457712f867f662e1c392548de
- SSDEEP
  
  6144:8EtG6z3QZ9/9asHWO9uILx1F7RoGw8SdLJ:JFTs9/95uMx1F7RmT
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy