ramnit | bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807 | Triage

Submit
Reports

Overview

overview

Static

static

bdec95dea8...07.dll

windows7-x64

bdec95dea8...07.dll

windows10-2004-x64

Sharing

General

Target

bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807
Size

124KB
Sample

221121-mheaesad2y
MD5

3052acfad32336b80279b0d88d8f1650
SHA1

73e3f3581646a94bc07f177dcc269f312152ebf8
SHA256

bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807
SHA512

3a41fccbbcb0bab326eca8574f4a5c9b7912f3ffc3fba7c903f32aaaa75e9fc1ded9300c19e9256b03b36e6a5bf2368a3dfc40ede6b168ac0e79678ca7c61b41
SSDEEP

1536:tsVLm/hpE6CkMH6Auv+KDNtZRK9R8Ukmt9mpj1fTttM4F0IRA2vtnJybT:imhpEbTuz5tZRK9R8Ut9mpVT3VJy

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807
- Size
  
  124KB
- MD5
  
  3052acfad32336b80279b0d88d8f1650
- SHA1
  
  73e3f3581646a94bc07f177dcc269f312152ebf8
- SHA256
  
  bdec95dea89e64994655a674de95cb5ae0d45b4191d81de6826ff3ccf5c04807
- SHA512
  
  3a41fccbbcb0bab326eca8574f4a5c9b7912f3ffc3fba7c903f32aaaa75e9fc1ded9300c19e9256b03b36e6a5bf2368a3dfc40ede6b168ac0e79678ca7c61b41
- SSDEEP
  
  1536:tsVLm/hpE6CkMH6Auv+KDNtZRK9R8Ukmt9mpj1fTttM4F0IRA2vtnJybT:imhpEbTuz5tZRK9R8Ut9mpVT3VJy
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy