ramnit | 3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c | Triage

Submit
Reports

Overview

overview

Static

static

3caa4a8067...4c.exe

windows7_x64

3caa4a8067...4c.exe

windows10-2004_x64

Sharing

General

Target

3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c
Size

3.2MB
Sample

220703-ges2hsbac5
MD5

b9282692990cda5d599200a66fe97c64
SHA1

9fcc302182d8c9d0111e90caca88ed6a3c64d7c5
SHA256

3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c
SHA512

ddeb1c8e206109dd83b8c0f81508bce049e2eecdfc65e106b7931089d4f7be78936ee4091f40949c61fdb9ee208bd534f657d7add5038cda4c591ac05d2ea770

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c.exe

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c
- Size
  
  3.2MB
- MD5
  
  b9282692990cda5d599200a66fe97c64
- SHA1
  
  9fcc302182d8c9d0111e90caca88ed6a3c64d7c5
- SHA256
  
  3caa4a80674a9861c9a07a2c634e76c108bed7735ae1ecca35cba72062d3c34c
- SHA512
  
  ddeb1c8e206109dd83b8c0f81508bce049e2eecdfc65e106b7931089d4f7be78936ee4091f40949c61fdb9ee208bd534f657d7add5038cda4c591ac05d2ea770
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Drops file in Drivers directory
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy