ramnit | b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688 | Triage

Submit
Reports

Overview

overview

Static

static

b0e45d876c...88.dll

windows7-x64

b0e45d876c...88.dll

windows10-2004-x64

Sharing

General

Target

b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688
Size

343KB
Sample

221011-n93b1adeej
MD5

6e031acf4ce416b67dea18edbbd88461
SHA1

f5ca5ff56727f3d200a1d2b3b4ae3df687d798ad
SHA256

b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688
SHA512

9f98747f074f5b5dde22b5f2791d15f80e6a891f60f68a6a00d7c04ced4feb7344eb7ab98269d7786fadfad19a76bca18d703b9ce75a522f832801ff74d1b519
SSDEEP

6144:xFrjLy96lDP1j0k+d7k23B2dz5LR84dSlFVTSETWhdcbzyqoN9jM0eYxtPri:xFhP+d7d3wHR84MyEFbzyTNpM92t

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688
- Size
  
  343KB
- MD5
  
  6e031acf4ce416b67dea18edbbd88461
- SHA1
  
  f5ca5ff56727f3d200a1d2b3b4ae3df687d798ad
- SHA256
  
  b0e45d876cc2fc0a765751b702fdc17d2ad988ddd952a6d89488b6a990f66688
- SHA512
  
  9f98747f074f5b5dde22b5f2791d15f80e6a891f60f68a6a00d7c04ced4feb7344eb7ab98269d7786fadfad19a76bca18d703b9ce75a522f832801ff74d1b519
- SSDEEP
  
  6144:xFrjLy96lDP1j0k+d7k23B2dz5LR84dSlFVTSETWhdcbzyqoN9jM0eYxtPri:xFhP+d7d3wHR84MyEFbzyTNpM92t
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy