ramnit | 87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873 | Triage

Submit
Reports

Overview

overview

Static

static

87f9bba5dd...73.dll

windows7-x64

8

87f9bba5dd...73.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873
Size

236KB
Sample

221030-25wkjsebf9
MD5

a1aabec8146bc6540705eb17079bd6e0
SHA1

77e87a1744c9425b3e82ea6e26045fc975e9ebdc
SHA256

87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873
SHA512

ebfcd299c95d0d272d8a59480a0a552f6e4d128a2150ae6efb5c167d6855c4ba5e862eae657b671b5168a4cff8ae05110280f2b8140065cc899f009e0f7bf151
SSDEEP

3072:QgKKuiX63bw5dNjDh8pWVgTlFIYna8FKfRgHyfFcV0Q8OMADbHOl+iEWMprMfbh:BKZp3KNjVGvPRlhhLy+iGp0

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873.dll

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873
- Size
  
  236KB
- MD5
  
  a1aabec8146bc6540705eb17079bd6e0
- SHA1
  
  77e87a1744c9425b3e82ea6e26045fc975e9ebdc
- SHA256
  
  87f9bba5dd914789feb876364c2518170c9bdf36890b235e0451052a9e9d4873
- SHA512
  
  ebfcd299c95d0d272d8a59480a0a552f6e4d128a2150ae6efb5c167d6855c4ba5e862eae657b671b5168a4cff8ae05110280f2b8140065cc899f009e0f7bf151
- SSDEEP
  
  3072:QgKKuiX63bw5dNjDh8pWVgTlFIYna8FKfRgHyfFcV0Q8OMADbHOl+iEWMprMfbh:BKZp3KNjVGvPRlhhLy+iGp0
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy