ramnit | 2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d | Triage

Submit
Reports

Overview

overview

Static

static

8

2ebc6cc0eb...8d.exe

windows7_x64

2ebc6cc0eb...8d.exe

windows10_x64

Sharing

General

Target

2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d
Size

1.1MB
Sample

210515-mare71zpwe
MD5

0e4bd5604ce39c05edd755990ed830ad
SHA1

99e2a36b902b831bcb592fe97e0d48f04aee67a5
SHA256

2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d
SHA512

b0a8614acccaa7c509ec5a74d5b5ddaaaac3057c0711e19a3fb2250a85103969230ca60b7d65a8601c747f3c2ac627f9b263d3b58d60fe3a77ca36c02e8bcd00

Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d.exe

Resource

win7v20210410

ramnit banker evasion spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d.exe

Resource

win10v20210408

ramnit banker evasion spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d
- Size
  
  1.1MB
- MD5
  
  0e4bd5604ce39c05edd755990ed830ad
- SHA1
  
  99e2a36b902b831bcb592fe97e0d48f04aee67a5
- SHA256
  
  2ebc6cc0eb028071216502404e6935ec6faa3ca5f5f016ec923eefadd399a08d
- SHA512
  
  b0a8614acccaa7c509ec5a74d5b5ddaaaac3057c0711e19a3fb2250a85103969230ca60b7d65a8601c747f3c2ac627f9b263d3b58d60fe3a77ca36c02e8bcd00
Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerevasionspywarestealertrojanupxworm

behavioral2

ramnitbankerevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy