ramnit | 659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01 | Triage

Submit
Reports

Overview

overview

Static

static

8

659a37fa30...01.exe

windows7-x64

659a37fa30...01.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01
Size

134KB
Sample

221106-zzc5xaeack
MD5

0e0a525565a3aedc112dc2b8fa77f82b
SHA1

b200de197d6fd81cf5a82533cd4825453050ed7f
SHA256

659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01
SHA512

78fb51647684d28f9dd16cf1aec5976a34300a9776cd6fc5570a34c4b296bb6d25843f0d3ece909381e0701ccaaaa005c2b4547994c3bd8de07f13a18b4244cf
SSDEEP

3072:cdE/fueIUbfg7t2S2gWD6DEUrFnUCrfw49out85XmIHAPSY5Amrqr:cdo2eIUcx29gWODRBV7HoS8+VRqr

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01
- Size
  
  134KB
- MD5
  
  0e0a525565a3aedc112dc2b8fa77f82b
- SHA1
  
  b200de197d6fd81cf5a82533cd4825453050ed7f
- SHA256
  
  659a37fa30a40e1402019a57db21c72665a204f257b4324781330b901769bd01
- SHA512
  
  78fb51647684d28f9dd16cf1aec5976a34300a9776cd6fc5570a34c4b296bb6d25843f0d3ece909381e0701ccaaaa005c2b4547994c3bd8de07f13a18b4244cf
- SSDEEP
  
  3072:cdE/fueIUbfg7t2S2gWD6DEUrFnUCrfw49out85XmIHAPSY5Amrqr:cdo2eIUcx29gWODRBV7HoS8+VRqr
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy