ramnit | 91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2 | Triage

Submit
Reports

Overview

overview

Static

static

91ee2bd912...f2.exe

windows7-x64

91ee2bd912...f2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2
Size

604KB
Sample

221121-mq46tafb59
MD5

30783f4c8176f8c4c0904f708986ce00
SHA1

f3728c58e21b0dada3fb4d84f6a26dcdea95548f
SHA256

91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2
SHA512

5227e7c47a29773804a8800e11b419f19ab1512518d26b7d7dcbb17d6ed3fc2f901d472c02a818d3d80c281e91653603a52b275dbdb1eda47f25bbb387456b1f
SSDEEP

12288:QHiVgpen2Ys7zWjMCKxaiPnW/0cfByu34oN579l5iLOjKDKFiSU:sDW9KciPvyyu34otlKOK+

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2.exe

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2
- Size
  
  604KB
- MD5
  
  30783f4c8176f8c4c0904f708986ce00
- SHA1
  
  f3728c58e21b0dada3fb4d84f6a26dcdea95548f
- SHA256
  
  91ee2bd912bae2cd88271e3411fd80f48dee2848529305ec6f9577a0980343f2
- SHA512
  
  5227e7c47a29773804a8800e11b419f19ab1512518d26b7d7dcbb17d6ed3fc2f901d472c02a818d3d80c281e91653603a52b275dbdb1eda47f25bbb387456b1f
- SSDEEP
  
  12288:QHiVgpen2Ys7zWjMCKxaiPnW/0cfByu34oN579l5iLOjKDKFiSU:sDW9KciPvyyu34otlKOK+
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy