ramnit | 517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6 | Triage

Submit
Reports

Overview

overview

Static

static

517f0cc294...f6.exe

windows7-x64

517f0cc294...f6.exe

windows10-2004-x64

Sharing

General

Target

517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6
Size

3.1MB
Sample

220718-saqldagchk
MD5

46329eac5a2329acc49e497a3d6443b6
SHA1

172bce8d7833a33dbe80c8d5b7c0e745fea374ce
SHA256

517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6
SHA512

3b807588e1d9fd1a27f5b9ea778b489c775600d6304f9d35b2a16618adefd3f88b52ae4aaccc38d88c2c8f2dd6b20f3350dfca37f6705f66a40bb102a9713f70

Score

10^/10

ramnit banker spyware stealer trojan upx vmprotect worm

Static task

static1

Behavioral task

behavioral1

Sample

517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6.exe

Resource

win7-20220718-en

ramnit banker spyware stealer trojan upx vmprotect worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6.exe

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx vmprotect worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6
- Size
  
  3.1MB
- MD5
  
  46329eac5a2329acc49e497a3d6443b6
- SHA1
  
  172bce8d7833a33dbe80c8d5b7c0e745fea374ce
- SHA256
  
  517f0cc29417124f816eef0a24ba38c358ae64be602f801b7b071ad60b42d7f6
- SHA512
  
  3b807588e1d9fd1a27f5b9ea778b489c775600d6304f9d35b2a16618adefd3f88b52ae4aaccc38d88c2c8f2dd6b20f3350dfca37f6705f66a40bb102a9713f70
Score

10^/10

ramnit banker spyware stealer trojan upx vmprotect worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxvmprotectworm

behavioral2

ramnitbankerspywarestealertrojanupxvmprotectworm

© 2018-2024

Terms | Privacy