ramnit | 5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7 | Triage

Submit
Reports

Overview

overview

Static

static

5129abc19e...e7.exe

windows7_x64

5129abc19e...e7.exe

windows10_x64

Sharing

General

Target

5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7
Size

881KB
Sample

220329-k27pzachf9
MD5

7c78250e1d545f0599b0fd55efb759e8
SHA1

6d08a40e1862c33023b1de085e6ad21dc3a0df79
SHA256

5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7
SHA512

770d415949339181fcb93ca478a09d591310427a97d7b0455a8b284a515c60b7dfb278568d59d2b690f5af94b6752803a0f32f808fc175a9351ea10229d14cde

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7.exe

Resource

win7-20220311-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7.exe

Resource

win10-20220223-en

ramnit banker spyware stealer trojan upx worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7
- Size
  
  881KB
- MD5
  
  7c78250e1d545f0599b0fd55efb759e8
- SHA1
  
  6d08a40e1862c33023b1de085e6ad21dc3a0df79
- SHA256
  
  5129abc19e45560906c052eed096d9e64d3e9d1efd38903e5f81ee87626f8ae7
- SHA512
  
  770d415949339181fcb93ca478a09d591310427a97d7b0455a8b284a515c60b7dfb278568d59d2b690f5af94b6752803a0f32f808fc175a9351ea10229d14cde
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy