ramnit | 8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48 | Triage

Submit
Reports

Overview

overview

Static

static

8479d0f17d...48.dll

windows7-x64

8479d0f17d...48.dll

windows10-2004-x64

Sharing

General

Target

8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48
Size

151KB
Sample

221121-mtjpaaah5v
MD5

31de105ad46e2a270e5c5be539ebec90
SHA1

5aa94f7a33b043cdddc1a77faf2405c17b569675
SHA256

8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48
SHA512

469c5af56f68acba27b345bca4fd5c6b23d4a8eef020cefc29ecff11ff5d777d9dd92fabfa5e0d7cbd146367797f2f39ac0da835b6b85c4ea4bfa6e43ddfe4f9
SSDEEP

3072:L1TnY4kclz9sdO/o9dVMmXmwklK7uziAc7P1G2oA33V:RTncQsU/ojVMmXmwkiuzZc7o2z33

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48.dll

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48
- Size
  
  151KB
- MD5
  
  31de105ad46e2a270e5c5be539ebec90
- SHA1
  
  5aa94f7a33b043cdddc1a77faf2405c17b569675
- SHA256
  
  8479d0f17de22e89540f9002ac5cbaec9dc3fcc53ee4c8b02b81660e77823e48
- SHA512
  
  469c5af56f68acba27b345bca4fd5c6b23d4a8eef020cefc29ecff11ff5d777d9dd92fabfa5e0d7cbd146367797f2f39ac0da835b6b85c4ea4bfa6e43ddfe4f9
- SSDEEP
  
  3072:L1TnY4kclz9sdO/o9dVMmXmwklK7uziAc7P1G2oA33V:RTncQsU/ojVMmXmwkiuzZc7o2z33
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy