ramnit | 3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3 | Triage

Submit
Reports

Overview

overview

Static

static

3cabd6b4ed...e3.exe

windows7_x64

3cabd6b4ed...e3.exe

windows10-2004_x64

Sharing

General

Target

3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3
Size

469KB
Sample

220703-gd9ymshahn
MD5

709802f0cfb676e53115189b5cd91cfc
SHA1

97027efdd9473b5f431179bc9b7ced86126cc625
SHA256

3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3
SHA512

2e7fd447ecfdb6bb53dce4e7d560881ecfbe036b5dd2c20414fb76c792653ca40a2b9774cc40ee074d3a4c0a340521bf120a93d174c3c69ce2fb562412ba951e

Score

10^/10

ramnit banker evasion spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3.exe

Resource

win10v2004-20220414-en

ramnit banker evasion spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3
- Size
  
  469KB
- MD5
  
  709802f0cfb676e53115189b5cd91cfc
- SHA1
  
  97027efdd9473b5f431179bc9b7ced86126cc625
- SHA256
  
  3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3
- SHA512
  
  2e7fd447ecfdb6bb53dce4e7d560881ecfbe036b5dd2c20414fb76c792653ca40a2b9774cc40ee074d3a4c0a340521bf120a93d174c3c69ce2fb562412ba951e
Score

10^/10

ramnit banker spyware stealer trojan upx worm evasion
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Program crash
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerevasionspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy