ramnit | e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4 | Triage

Submit
Reports

Overview

overview

Static

static

e9ca608973...a4.dll

windows7-x64

e9ca608973...a4.dll

windows10-2004-x64

Sharing

General

Target

e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4
Size

188KB
Sample

221106-y9w54achem
MD5

07cdfcd00396ec58ea1be657c1f077f0
SHA1

7fcb4122c94ae10e59b5bae77736f2170def4cbb
SHA256

e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4
SHA512

d2e3c2bc9d5d7e87b7792c44884af34c0ff7c42402f7f3e1542db7861cca5d6d6182c2b92491f2dc952d53fc92ec622557a4fc43ffee78a5cf29e87952a1442f
SSDEEP

3072:3Ic3tTjqZ7SbNIogva6tkI6zuO7Xgkij6s2YMFtvgTI7LU4:3zT2ZWb2WAL2Y2vg8I4

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4
- Size
  
  188KB
- MD5
  
  07cdfcd00396ec58ea1be657c1f077f0
- SHA1
  
  7fcb4122c94ae10e59b5bae77736f2170def4cbb
- SHA256
  
  e9ca608973bb1e52ec58b00ebddfcff821cd7e10b2ace35cd47555000b06e0a4
- SHA512
  
  d2e3c2bc9d5d7e87b7792c44884af34c0ff7c42402f7f3e1542db7861cca5d6d6182c2b92491f2dc952d53fc92ec622557a4fc43ffee78a5cf29e87952a1442f
- SSDEEP
  
  3072:3Ic3tTjqZ7SbNIogva6tkI6zuO7Xgkij6s2YMFtvgTI7LU4:3zT2ZWb2WAL2Y2vg8I4
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy