ramnit | 95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9570851924...a7.dll

windows7-x64

9570851924...a7.dll

windows10-2004-x64

Sharing

General

Target

95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7
Size

812KB
Sample

221020-pp92sadegr
MD5

469dc4b833138057697c3e4ccf7e7f70
SHA1

4b6ff30a34938dc4709dbbe953e11bbb96ec3bfb
SHA256

95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7
SHA512

1ebd21955251ed7f333cbe8117b9cbd4a57f072b8369e972f09e996682da606643c1511f4e3763f2ac92ad34e16bc4a384dfa2f4bad995a3bdeddc2d92876c96
SSDEEP

24576:whsENVAAiTpmG4I/st8j9ilCBqYoS6BpWNyt46Mal9te1:0siCBqYoS6Pzt46MO

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7
- Size
  
  812KB
- MD5
  
  469dc4b833138057697c3e4ccf7e7f70
- SHA1
  
  4b6ff30a34938dc4709dbbe953e11bbb96ec3bfb
- SHA256
  
  95708519241b8aa82c206b74014f6fcde35ea894da180113c6954fa047fa0da7
- SHA512
  
  1ebd21955251ed7f333cbe8117b9cbd4a57f072b8369e972f09e996682da606643c1511f4e3763f2ac92ad34e16bc4a384dfa2f4bad995a3bdeddc2d92876c96
- SSDEEP
  
  24576:whsENVAAiTpmG4I/st8j9ilCBqYoS6BpWNyt46Mal9te1:0siCBqYoS6Pzt46MO
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy