ramnit | 84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612 | Triage

Submit
Reports

Overview

overview

Static

static

84a6c6e20d...12.dll

windows7-x64

84a6c6e20d...12.dll

windows10-2004-x64

Sharing

General

Target

84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612
Size

159KB
Sample

221003-x5n39acdh8
MD5

437a503385b32c72507bab9049388870
SHA1

3c037b4193a2cfaddff5baae7d874c4419fb7040
SHA256

84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612
SHA512

1868fd752bbd5c77d17d9b9b1f7b5f601670a2ec96803312a8d4afd3c6a9b5d4fea75f1e6d4ec9035a247b7d2ba0d4c0a6686621297f5986bc6c64700431e0cd
SSDEEP

3072:HRccpvUG4OmCnxYWI5SEsjCkoxNSzQF9eZy7LCmb9Su3JYn3TBf:yYU7cJcZZNIoeyDb9LGh

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612
- Size
  
  159KB
- MD5
  
  437a503385b32c72507bab9049388870
- SHA1
  
  3c037b4193a2cfaddff5baae7d874c4419fb7040
- SHA256
  
  84a6c6e20d397b8cf3c8c9ba06b749443543651b80b68c3ba802f5b5123c2612
- SHA512
  
  1868fd752bbd5c77d17d9b9b1f7b5f601670a2ec96803312a8d4afd3c6a9b5d4fea75f1e6d4ec9035a247b7d2ba0d4c0a6686621297f5986bc6c64700431e0cd
- SSDEEP
  
  3072:HRccpvUG4OmCnxYWI5SEsjCkoxNSzQF9eZy7LCmb9Su3JYn3TBf:yYU7cJcZZNIoeyDb9LGh
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy