ramnit | 4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f | Triage

Submit
Reports

Overview

overview

Static

static

4930bcdacb...3f.exe

windows7_x64

4930bcdacb...3f.exe

windows10_x64

Sharing

General

Target

4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f
Size

2.7MB
Sample

210515-866rlebn2e
MD5

639b555bc2f972a8fe6a73c8ef708a76
SHA1

25e1316a95f0f4ef1aabf0e520b30e1eda399680
SHA256

4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f
SHA512

058da320e766cd074005f60d20a9676eab5ad319c942346b5f071d8cd606879204a1543ca3d854b95cc48a06a3abe85bb6bb7bc32f90d030b2cbf61f6c20db0f

Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f.exe

Resource

win7v20210408

ramnit banker evasion spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f.exe

Resource

win10v20210408

ramnit banker evasion spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f
- Size
  
  2.7MB
- MD5
  
  639b555bc2f972a8fe6a73c8ef708a76
- SHA1
  
  25e1316a95f0f4ef1aabf0e520b30e1eda399680
- SHA256
  
  4930bcdacba493955d0c53176a5434ad7269ed82d156160c73039ddee90b553f
- SHA512
  
  058da320e766cd074005f60d20a9676eab5ad319c942346b5f071d8cd606879204a1543ca3d854b95cc48a06a3abe85bb6bb7bc32f90d030b2cbf61f6c20db0f
Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Bypass User Account Control

Disabling Security Tools

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerevasionspywarestealertrojanupxworm

behavioral2

ramnitbankerevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy