ramnit | 30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8 | Triage

Submit
Reports

Overview

overview

Static

static

30f8137f89...f8.dll

windows7_x64

1

30f8137f89...f8.dll

windows10-2004_x64

Sharing

General

Target

30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8
Size

1.2MB
Sample

220211-extpnacchp
MD5

e1349991d92ffeb9b5e39ee3aaaaf2d9
SHA1

39a27e4bd2309801bdd7a382754d6d5af0610314
SHA256

30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8
SHA512

862ff1747ba3c70050a9dc175b1114bc42e7f5814175db32ce6886c3819dad9a179516832189766880b52a988c3e260a50db666f59382c80f4dde5c2b881887d

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8.dll

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8.dll

Resource

win10v2004-en-20220112

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8
- Size
  
  1.2MB
- MD5
  
  e1349991d92ffeb9b5e39ee3aaaaf2d9
- SHA1
  
  39a27e4bd2309801bdd7a382754d6d5af0610314
- SHA256
  
  30f8137f89cd2a6ed4290c53d64fa955071a7c2f07d36c0df1b1472b53b406f8
- SHA512
  
  862ff1747ba3c70050a9dc175b1114bc42e7f5814175db32ce6886c3819dad9a179516832189766880b52a988c3e260a50db666f59382c80f4dde5c2b881887d
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy