ramnit | 675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477 | Triage

Submit
Reports

Overview

overview

Static

static

675415648b...77.dll

windows7-x64

675415648b...77.dll

windows10-2004-x64

Sharing

General

Target

675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477
Size

432KB
Sample

221121-my1tcsfe32
MD5

399cf48efc83b87f264fc6887e7f9d93
SHA1

1bee979c50417b5a01df03232d0d2a1709611cc7
SHA256

675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477
SHA512

dd0bd646a1b060f37f814d8a3882656ef9aa26e0d688df926b450eade4b9f5c28f384d6f4913d40414912f003e80c56b21ca3f38ca0ce052919736980141bf88
SSDEEP

12288:eXo450qjYthuCNIm/kqF6a2FjyHIDiwo2FC:3/ku6FjyHe1rFC

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477
- Size
  
  432KB
- MD5
  
  399cf48efc83b87f264fc6887e7f9d93
- SHA1
  
  1bee979c50417b5a01df03232d0d2a1709611cc7
- SHA256
  
  675415648b27607b764e8d81943efd26af258cdb213837a83b73347bda2f5477
- SHA512
  
  dd0bd646a1b060f37f814d8a3882656ef9aa26e0d688df926b450eade4b9f5c28f384d6f4913d40414912f003e80c56b21ca3f38ca0ce052919736980141bf88
- SSDEEP
  
  12288:eXo450qjYthuCNIm/kqF6a2FjyHIDiwo2FC:3/ku6FjyHe1rFC
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy