ramnit | 28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad | Triage

Submit
Reports

Overview

overview

Static

static

28153ec8a8...ad.dll

windows7-x64

28153ec8a8...ad.dll

windows10-2004-x64

Sharing

General

Target

28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad
Size

529KB
Sample

221003-yc6m9schej
MD5

3612d2d4d1ec39b5177703a8204452c0
SHA1

503498cd90d817931c14978fc22fc77f0a6f2336
SHA256

28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad
SHA512

34e1cc87fce4e5698e550631887b9262244de3cdf64e0af6d2b72293fed8ef2c0ca1d481c3ad33e3cfe9fb77546c0a11ba9ec10d1160ab92fdc07aa846b05d5c
SSDEEP

12288:68qbPW7/ej5JtjnSGGVPDF+qhZehvWdwwjBjs:CPO/ej5jSFVPD8vh

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad
- Size
  
  529KB
- MD5
  
  3612d2d4d1ec39b5177703a8204452c0
- SHA1
  
  503498cd90d817931c14978fc22fc77f0a6f2336
- SHA256
  
  28153ec8a84a6f45f754f31ea2946fc4ac1f22f7a57175786af2d25c274dd5ad
- SHA512
  
  34e1cc87fce4e5698e550631887b9262244de3cdf64e0af6d2b72293fed8ef2c0ca1d481c3ad33e3cfe9fb77546c0a11ba9ec10d1160ab92fdc07aa846b05d5c
- SSDEEP
  
  12288:68qbPW7/ej5JtjnSGGVPDF+qhZehvWdwwjBjs:CPO/ej5jSFVPD8vh
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy