ramnit | cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207 | Triage

Submit
Reports

Overview

overview

Static

static

cae6b4e39b...07.exe

windows7_x64

cae6b4e39b...07.exe

windows10_x64

Sharing

General

Target

cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207
Size

339KB
Sample

210515-w3zqjcgjcs
MD5

3e628e1e2058f245977a30bf45a665f0
SHA1

d029f681a32c8d9cb47e896ebf1c5e0bd5404742
SHA256

cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207
SHA512

5e352dc7f353094980152e3e9af2564b6b6c121b68268334fd9c8c4a9f50cdfda342025e5602be525266fe0cb2eb30bfac25d69c745a9be76e1a636834044cc7

Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207.exe

Resource

win7v20210410

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207.exe

Resource

win10v20210408

ramnit banker evasion spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207
- Size
  
  339KB
- MD5
  
  3e628e1e2058f245977a30bf45a665f0
- SHA1
  
  d029f681a32c8d9cb47e896ebf1c5e0bd5404742
- SHA256
  
  cae6b4e39ba4d063f5cba8661273f32c02220cbb462a7588b5b47e7b50da5207
- SHA512
  
  5e352dc7f353094980152e3e9af2564b6b6c121b68268334fd9c8c4a9f50cdfda342025e5602be525266fe0cb2eb30bfac25d69c745a9be76e1a636834044cc7
Score

10^/10

ramnit banker spyware stealer trojan upx worm evasion
- Modifies firewall policy service
  evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy