ramnit | 02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a | Triage

Submit
Reports

Overview

overview

Static

static

1

02d32b5138...5a.exe

windows7-x64

02d32b5138...5a.exe

windows10-2004-x64

Sharing

General

Target

02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a
Size

2.4MB
Sample

221123-1c4vsaaa5z
MD5

9a95d4b86ce7a4e1db29238b6ee09e07
SHA1

2f88a5d77fd038da83ad1eca661639ae0199484e
SHA256

02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a
SHA512

3d44adac646b41200242b66772d3def18f3a2695fa8d26ec59bcb465911bbe0f95905e889d55272155a712aafa922c65d0a66a423dffe8fdd708631c012728a5
SSDEEP

49152:Wym+5BR+UwyfyD2phLtaAGcoaNKIayOzRku/o3+/o8chJGDr:VbZDLQA8AONkCt/V4JQr

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a
- Size
  
  2.4MB
- MD5
  
  9a95d4b86ce7a4e1db29238b6ee09e07
- SHA1
  
  2f88a5d77fd038da83ad1eca661639ae0199484e
- SHA256
  
  02d32b5138dd1d7576fe4e7696ebcc3a6f007e8c478db065bf4372d9f55a0b5a
- SHA512
  
  3d44adac646b41200242b66772d3def18f3a2695fa8d26ec59bcb465911bbe0f95905e889d55272155a712aafa922c65d0a66a423dffe8fdd708631c012728a5
- SSDEEP
  
  49152:Wym+5BR+UwyfyD2phLtaAGcoaNKIayOzRku/o3+/o8chJGDr:VbZDLQA8AONkCt/V4JQr
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy