ramnit | 6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890 | Triage

Submit
Reports

Overview

overview

Static

static

6b516b17b3...90.dll

windows7-x64

6b516b17b3...90.dll

windows10-2004-x64

Sharing

General

Target

6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890
Size

172KB
Sample

221029-v42xlshaaq
MD5

a37b7ee8c51f7c403ba53ef885acfaa0
SHA1

0e59b01d12babb80da4099200e8d4e5f67b184d1
SHA256

6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890
SHA512

baaea1cca94badfb074507e3638f5465d30b97e038ca0cb9ac09510bea24c9b53ca29e5e4f96d5a2f9645b35c3598cd90caa3bc7696838852f975661274ec456
SSDEEP

3072:vn4cV8gf2u41Z5tKlza/VJNb3+odsXcg71iMaQj:P4y8gOl2JadJNbCJ71ifY

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890.dll

Resource

win10v2004-20220901-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890
- Size
  
  172KB
- MD5
  
  a37b7ee8c51f7c403ba53ef885acfaa0
- SHA1
  
  0e59b01d12babb80da4099200e8d4e5f67b184d1
- SHA256
  
  6b516b17b35b67357ebdd4d76ca52570d753d42aec26e4018a1eded8505af890
- SHA512
  
  baaea1cca94badfb074507e3638f5465d30b97e038ca0cb9ac09510bea24c9b53ca29e5e4f96d5a2f9645b35c3598cd90caa3bc7696838852f975661274ec456
- SSDEEP
  
  3072:vn4cV8gf2u41Z5tKlza/VJNb3+odsXcg71iMaQj:P4y8gOl2JadJNbCJ71ifY
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy