ramnit | d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8 | Triage

Submit
Reports

Overview

overview

Static

static

d1a212505d...f8.dll

windows7-x64

d1a212505d...f8.dll

windows10-2004-x64

Sharing

General

Target

d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8
Size

1.2MB
Sample

221121-mdpwcsab6y
MD5

22e1dfdd243b1d313fddcbd1778c0c90
SHA1

b6f5877cab559cc686330ada4b34606daa1e30f0
SHA256

d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8
SHA512

b4b60fd7fdb75fed3b87d8bf7bbb41295a0c5627e01a437fb91721939d8c71ab4fd4bb0df1318065d187425ae270274d3b66a6512ac48d7ca6973c52c09f2b10
SSDEEP

24576:gxAIJIZIrv6SIOeG/hVqsRZaHYk8hMT3eOXBHa809k4+sx:g3IZ7SI0hzRZaHYk8hMzeOXB68G5Tx

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8.dll

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8
- Size
  
  1.2MB
- MD5
  
  22e1dfdd243b1d313fddcbd1778c0c90
- SHA1
  
  b6f5877cab559cc686330ada4b34606daa1e30f0
- SHA256
  
  d1a212505d4219f87b90c479eba8bd847224e8169bb42ea5fc91da67ae7c26f8
- SHA512
  
  b4b60fd7fdb75fed3b87d8bf7bbb41295a0c5627e01a437fb91721939d8c71ab4fd4bb0df1318065d187425ae270274d3b66a6512ac48d7ca6973c52c09f2b10
- SSDEEP
  
  24576:gxAIJIZIrv6SIOeG/hVqsRZaHYk8hMT3eOXBHa809k4+sx:g3IZ7SI0hzRZaHYk8hMzeOXB68G5Tx
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy