ramnit | 26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21 | Triage

Submit
Reports

Overview

overview

Static

static

1

26dabe0dcf...21.exe

windows7_x64

26dabe0dcf...21.exe

windows10-2004_x64

Sharing

General

Target

26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21
Size

3.6MB
Sample

220616-hwc73agahk
MD5

8ac6048052fe6d058ea3c6b5a386e8c6
SHA1

d1421972e36d14ec459b610eae60f1887d095038
SHA256

26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21
SHA512

90830292633117c2b6990abed881dc39dfeb7cefdb060fda4748fcae3e37a82b20ee2b9fd7e3d6398af345e81c7a7827b52b7738a4e8e574233c5d5aad6918c3

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21.exe

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21
- Size
  
  3.6MB
- MD5
  
  8ac6048052fe6d058ea3c6b5a386e8c6
- SHA1
  
  d1421972e36d14ec459b610eae60f1887d095038
- SHA256
  
  26dabe0dcfdda0b276272aa36803e9c68d16c0c9be268bfcb63d5004b639db21
- SHA512
  
  90830292633117c2b6990abed881dc39dfeb7cefdb060fda4748fcae3e37a82b20ee2b9fd7e3d6398af345e81c7a7827b52b7738a4e8e574233c5d5aad6918c3
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy