ramnit | 1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089 | Triage

Submit
Reports

Overview

overview

Static

static

1

1786908d95...89.exe

windows7-x64

1786908d95...89.exe

windows10-2004-x64

Sharing

General

Target

1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089
Size

19.2MB
Sample

221123-1ctptaaa4v
MD5

4905c90823cf9c0742822719b21b661e
SHA1

964e1e7e9e32978643b7ea798b310bfd59408156
SHA256

1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089
SHA512

b94e7ede1d1976958face901dee2b02c8f1d5d7858097c2134a05ef3f6a9e98ae39fab7901391d5d560d067654eaaff638be26ae96523d198c04ac3b496509a6
SSDEEP

393216:DQzsC3bsTS2JlGil1kmyTTmmSkd99ezJjPjBuXAKho/n2NnVI2U2k:DQzjbsT1/+5TKmr9YV9uQKho/niK2k

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089.exe

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089
- Size
  
  19.2MB
- MD5
  
  4905c90823cf9c0742822719b21b661e
- SHA1
  
  964e1e7e9e32978643b7ea798b310bfd59408156
- SHA256
  
  1786908d9556466cb5e3b8cf8b5ab566cf9544921f0f002d6c5afd865de43089
- SHA512
  
  b94e7ede1d1976958face901dee2b02c8f1d5d7858097c2134a05ef3f6a9e98ae39fab7901391d5d560d067654eaaff638be26ae96523d198c04ac3b496509a6
- SSDEEP
  
  393216:DQzsC3bsTS2JlGil1kmyTTmmSkd99ezJjPjBuXAKho/n2NnVI2U2k:DQzjbsT1/+5TKmr9YV9uQKho/niK2k
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy