ramnit | 394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541 | Triage

Submit
Reports

Overview

overview

Static

static

1

394e453ce0...41.exe

windows7-x64

394e453ce0...41.exe

windows10-2004-x64

Sharing

General

Target

394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541
Size

9.7MB
Sample

221123-1cd95aaa2z
MD5

84d67f560aedec002db2230c2ae394b4
SHA1

c1dbc4e99ab0e4c89dbd393a1be0179b4c08b3e2
SHA256

394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541
SHA512

ab4d13f68a79a45690a5bb686477a9a1c59af7c42fc1e50ee94471ef1dc0703b522918d78ebf45f7a55d50b7ec5c6d07f393e10c775dba1f6f22d40c1928ad46
SSDEEP

196608:BQFNkbKXsFgOBN/1fvj/OgtjAsMIn0UpIH+KBLcu:BQzhXsFg4N/1fvjpjhVIHxxcu

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541.exe

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541
- Size
  
  9.7MB
- MD5
  
  84d67f560aedec002db2230c2ae394b4
- SHA1
  
  c1dbc4e99ab0e4c89dbd393a1be0179b4c08b3e2
- SHA256
  
  394e453ce002f9cdc22c2937e11d35fa09efae39d69c536220f21612a842b541
- SHA512
  
  ab4d13f68a79a45690a5bb686477a9a1c59af7c42fc1e50ee94471ef1dc0703b522918d78ebf45f7a55d50b7ec5c6d07f393e10c775dba1f6f22d40c1928ad46
- SSDEEP
  
  196608:BQFNkbKXsFgOBN/1fvj/OgtjAsMIn0UpIH+KBLcu:BQzhXsFg4N/1fvjpjhVIHxxcu
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy