ramnit | 6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb | Triage

Submit
Reports

Overview

overview

Static

static

1

6cff4e2458...fb.exe

windows7-x64

6cff4e2458...fb.exe

windows10-2004-x64

Sharing

General

Target

6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb
Size

23.4MB
Sample

221123-1bppgahh8t
MD5

3c86c4d0a07ab1ec530f636f251343ef
SHA1

c7f59d4f49feffca17af3ed2158f585a4e9f746a
SHA256

6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb
SHA512

d2a3e977ddfe636b8861b3bb65c3bf56cb02b338125845173d020497ee4e8429d82e0395cb60afe48bb1861bfb83668ecf05d2296e8331c0e63c7a3f18330807
SSDEEP

393216:5tM+jxjs0JTGcZwMig/Pp6e5rihFcEdDtsTFL782qowsNOB3XMxvicjaNnKoVbW5:lBTdZwEge5rGFOFL78Jf3XMFMsBr

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb
- Size
  
  23.4MB
- MD5
  
  3c86c4d0a07ab1ec530f636f251343ef
- SHA1
  
  c7f59d4f49feffca17af3ed2158f585a4e9f746a
- SHA256
  
  6cff4e2458c105b636f8ffe0ebefbfac7472a9ebea6b1599f5cfd23f492d55fb
- SHA512
  
  d2a3e977ddfe636b8861b3bb65c3bf56cb02b338125845173d020497ee4e8429d82e0395cb60afe48bb1861bfb83668ecf05d2296e8331c0e63c7a3f18330807
- SSDEEP
  
  393216:5tM+jxjs0JTGcZwMig/Pp6e5rihFcEdDtsTFL782qowsNOB3XMxvicjaNnKoVbW5:lBTdZwEge5rGFOFL78Jf3XMFMsBr
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy