ramnit | c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049 | Triage

Submit
Reports

Overview

overview

Static

static

8

c107d5d3ba...49.exe

windows7_x64

c107d5d3ba...49.exe

windows10-2004_x64

Sharing

General

Target

c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
Size

1.3MB
Sample

220520-raenfafca6
MD5

fda68efd40295fd40a620060a8fc9e72
SHA1

f77ed41fc1de0bd5ca99bdd5eefe98894be5ab01
SHA256

c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
SHA512

7dd384dc749025aa15c9a9e81db69ac46c1ae42cedc781849342433961187a366fbaaa7de36c413bc37168645337011e84d568c88d856527a8fd2bf66dcde527

Score

10^/10

ramnit banker bootkit persistence spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049.exe

Resource

win10v2004-20220414-en

ramnit banker bootkit persistence spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
- Size
  
  1.3MB
- MD5
  
  fda68efd40295fd40a620060a8fc9e72
- SHA1
  
  f77ed41fc1de0bd5ca99bdd5eefe98894be5ab01
- SHA256
  
  c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
- SHA512
  
  7dd384dc749025aa15c9a9e81db69ac46c1ae42cedc781849342433961187a366fbaaa7de36c413bc37168645337011e84d568c88d856527a8fd2bf66dcde527
Score

10^/10

ramnit banker spyware stealer trojan upx worm bootkit persistence
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerbootkitpersistencespywarestealertrojanupxworm

© 2018-2024

Terms | Privacy