ramnit | 1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8 | Triage

Submit
Reports

Overview

overview

Static

static

1

1f5d2bceb8...f8.exe

windows7_x64

1f5d2bceb8...f8.exe

windows10-2004_x64

Sharing

General

Target

1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8
Size

4.1MB
Sample

220612-ws7jdsege4
MD5

c91a409e386c36cf75ac6431871dcfa6
SHA1

e1816085481134ad5881863e5add28f36428830e
SHA256

1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8
SHA512

0e4042f54c8eef2ba494aba4d4ed678b79807c3af18ff3ce787bf3741d9e0096852880a416f5517b9ea7af22ebea0c3c17c9c0fd701a530728c5425a9b96ab32

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8.exe

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8
- Size
  
  4.1MB
- MD5
  
  c91a409e386c36cf75ac6431871dcfa6
- SHA1
  
  e1816085481134ad5881863e5add28f36428830e
- SHA256
  
  1f5d2bceb828eb93c595b991184a9a07983e9369ee1f589cee614d9761927ff8
- SHA512
  
  0e4042f54c8eef2ba494aba4d4ed678b79807c3af18ff3ce787bf3741d9e0096852880a416f5517b9ea7af22ebea0c3c17c9c0fd701a530728c5425a9b96ab32
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy