ramnit | 46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04 | Triage

Submit
Reports

Overview

overview

Static

static

46d733e1a3...04.dll

windows7-x64

46d733e1a3...04.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04
Size

717KB
Sample

221030-28nzwaecg7
MD5

a183bc04453d9947a72914a589f06170
SHA1

e46461c730a8630978cff731c7cc473b9a122f00
SHA256

46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04
SHA512

e6791d2da44f023b25f9f2a357a7c76b0c59cb4e6e1247f3efdd2ced2d36a87a87c7c472302dd860a154e087ad57083a3feea6d5368da7415edeac8de08643c0
SSDEEP

12288:gzb9rMfc+CKUQyUmjtc4euuzPrs9pGp8hunWoopooK9kwPZoP:gzb1MlCKUQyUmjtczu6Prs9pgWoopooh

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04
- Size
  
  717KB
- MD5
  
  a183bc04453d9947a72914a589f06170
- SHA1
  
  e46461c730a8630978cff731c7cc473b9a122f00
- SHA256
  
  46d733e1a3a2876e299decf76fd498d66d57d1b49f36dfab706eb0a3fed9ac04
- SHA512
  
  e6791d2da44f023b25f9f2a357a7c76b0c59cb4e6e1247f3efdd2ced2d36a87a87c7c472302dd860a154e087ad57083a3feea6d5368da7415edeac8de08643c0
- SSDEEP
  
  12288:gzb9rMfc+CKUQyUmjtc4euuzPrs9pGp8hunWoopooK9kwPZoP:gzb1MlCKUQyUmjtczu6Prs9pgWoopooh
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy