ramnit | ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37 | Triage

Submit
Reports

Overview

overview

Static

static

ab147a1987...37.exe

windows7_x64

ab147a1987...37.exe

windows10_x64

Sharing

General

Target

ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37
Size

355KB
Sample

210515-jw3tctsq3e
MD5

b04f67e5770cdf247ee3f6312a1036d8
SHA1

1224c2590382c68c8a2d6a5f60649db1e4cdb958
SHA256

ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37
SHA512

fddb000825716688d9610b72ac144ccc5bea69b13a086f4da3ed13908c63f9dab1e050b0fd0d3a8d58bb7d338849b6625f5b0905a3f4ef324297c15ee20c0667

Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37.exe

Resource

win7v20210408

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37.exe

Resource

win10v20210410

ramnit banker evasion spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37
- Size
  
  355KB
- MD5
  
  b04f67e5770cdf247ee3f6312a1036d8
- SHA1
  
  1224c2590382c68c8a2d6a5f60649db1e4cdb958
- SHA256
  
  ab147a1987b15dbd897ee3f13eac610cb5a1edd445c08a669f16eefa632ecb37
- SHA512
  
  fddb000825716688d9610b72ac144ccc5bea69b13a086f4da3ed13908c63f9dab1e050b0fd0d3a8d58bb7d338849b6625f5b0905a3f4ef324297c15ee20c0667
Score

10^/10

ramnit banker spyware stealer trojan upx worm evasion
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy