ramnit | bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551 | Triage

Submit
Reports

Overview

overview

Static

static

8

bc35cf57e0...51.exe

windows7_x64

bc35cf57e0...51.exe

windows10_x64

Sharing

General

Target

bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551
Size

71KB
Sample

210515-1qlw9xtp4j
MD5

64554b9979e4a416276cc349e4ab5eb4
SHA1

cca1062150d9276b18bd5c82cf8bdd07ac87ac1a
SHA256

bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551
SHA512

07892a3edd51127d186fbd13130fba20ee8e610c943835121e3b1cf1181015b4570c738842bf7371c075fb10b346df0078bd4f8e12ba171c0ee55301222e4a87

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551.exe

Resource

win7v20210410

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551.exe

Resource

win10v20210408

ramnit banker spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551
- Size
  
  71KB
- MD5
  
  64554b9979e4a416276cc349e4ab5eb4
- SHA1
  
  cca1062150d9276b18bd5c82cf8bdd07ac87ac1a
- SHA256
  
  bc35cf57e017aea5874d3b6f7d896c269e6d8af0b007bbd2b162e2b830400551
- SHA512
  
  07892a3edd51127d186fbd13130fba20ee8e610c943835121e3b1cf1181015b4570c738842bf7371c075fb10b346df0078bd4f8e12ba171c0ee55301222e4a87
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy