ramnit | 2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0 | Triage

Submit
Reports

Overview

overview

Static

static

2086540f09...b0.dll

windows7-x64

2086540f09...b0.dll

windows10-2004-x64

8

Sharing

General

Target

2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0
Size

560KB
Sample

221029-v6n4jagcc5
MD5

843ba6d40b15855549df4e5707015af6
SHA1

31e73a8c066dadbf05e66980403f11b440e28d82
SHA256

2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0
SHA512

ead2058d3b8216f3e0ebbbc907f3eafb4755dd513cb967016826070b345471a7a9b44c4de5ab2935d9bc7da0a6c7393d61f3d08336731f7f7790dbeb756cb737
SSDEEP

12288:J7aNeM6++h2NSjPRKcLui5U1Im3pHQCaOOfH:g6++h2NSj5KcLuik9IhH

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0
- Size
  
  560KB
- MD5
  
  843ba6d40b15855549df4e5707015af6
- SHA1
  
  31e73a8c066dadbf05e66980403f11b440e28d82
- SHA256
  
  2086540f09b320b9d41a4c8df34572ab98e1627cfedcdc2a28a1d4561045b3b0
- SHA512
  
  ead2058d3b8216f3e0ebbbc907f3eafb4755dd513cb967016826070b345471a7a9b44c4de5ab2935d9bc7da0a6c7393d61f3d08336731f7f7790dbeb756cb737
- SSDEEP
  
  12288:J7aNeM6++h2NSjPRKcLui5U1Im3pHQCaOOfH:g6++h2NSj5KcLuik9IhH
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy