ramnit | e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321 | Triage

Submit
Reports

Overview

overview

Static

static

e3108139e6...21.dll

windows7-x64

e3108139e6...21.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321
Size

396KB
Sample

221011-n6pxhadbd2
MD5

489c9a775797a5f382c2f46a378f2690
SHA1

043de2c5de06a50806c83dbe30f7f61d2fd9de9b
SHA256

e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321
SHA512

d37ac7712caeb4c07308cb30a90ee8d95b5e43bb6c4841911e37ae854ac52baf851cfb50abd05e0e6b4634331b23be4a99aabc673c4248e69473967dbd2f2d2f
SSDEEP

6144:G8SGy4ZR+utlAngZZ4vkrCBL4Mv6Mtb8FMciFMNrb3YgxhYIbCAOBf8585cZ/kQx:yGy4ZRxlsgwvkruUMDtmF7dCLft58yg

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321
- Size
  
  396KB
- MD5
  
  489c9a775797a5f382c2f46a378f2690
- SHA1
  
  043de2c5de06a50806c83dbe30f7f61d2fd9de9b
- SHA256
  
  e3108139e674c196ee6a635ffbdc8a9610aab9eb7b1b0d6371ab3710776d8321
- SHA512
  
  d37ac7712caeb4c07308cb30a90ee8d95b5e43bb6c4841911e37ae854ac52baf851cfb50abd05e0e6b4634331b23be4a99aabc673c4248e69473967dbd2f2d2f
- SSDEEP
  
  6144:G8SGy4ZR+utlAngZZ4vkrCBL4Mv6Mtb8FMciFMNrb3YgxhYIbCAOBf8585cZ/kQx:yGy4ZRxlsgwvkruUMDtmF7dCLft58yg
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy