ramnit | 1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e | Triage

Submit
Reports

Overview

overview

Static

static

1

1ffe5501b6...1e.exe

windows7_x64

1ffe5501b6...1e.exe

windows10-2004_x64

Sharing

General

Target

1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e
Size

1.3MB
Sample

220612-rbckgaecck
MD5

1aab0bc42e16efbbe769dd65414c848d
SHA1

8e3c247de2459f9ed4885999678a8dcc15b54881
SHA256

1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e
SHA512

c10e307dc85467ba2dbd955f6387f44a3a67476afc5e8f8c98e695dca12fc452eed41b76a9f087b5db7b2ab1db4f390048059e1ca0664f78a08a07fcd078c248

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e.exe

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e
- Size
  
  1.3MB
- MD5
  
  1aab0bc42e16efbbe769dd65414c848d
- SHA1
  
  8e3c247de2459f9ed4885999678a8dcc15b54881
- SHA256
  
  1ffe5501b656c49a8c3a723834ee0da9ad2af65c780720f57d6d65f7fcdfdc1e
- SHA512
  
  c10e307dc85467ba2dbd955f6387f44a3a67476afc5e8f8c98e695dca12fc452eed41b76a9f087b5db7b2ab1db4f390048059e1ca0664f78a08a07fcd078c248
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy