ramnit | 40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c | Triage

Submit
Reports

Overview

overview

Static

static

40274ae41e...0c.dll

windows7-x64

40274ae41e...0c.dll

windows10-2004-x64

Sharing

General

Target

40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c
Size

292KB
Sample

221123-xlnndafd25
MD5

456d20fc0ba7e96d5a0b4c46e36271ec
SHA1

3529a82cbca65f9704de55067b9661ec8ed7980c
SHA256

40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c
SHA512

47c13184f4a778b93e01f802a5b870681b100c673a834f87624b7fcfa41ef8767ca1d40a8aee50612be4fc1b073d29e0eade5791948be2ee1ddfec301e34cc8b
SSDEEP

6144:PkskvfXysBXtgeeNMPaZRupn+aZGVXpEqI2JX6gAy/AwA:sBysKEc8B+XLEqIeX6gAy/w

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c
- Size
  
  292KB
- MD5
  
  456d20fc0ba7e96d5a0b4c46e36271ec
- SHA1
  
  3529a82cbca65f9704de55067b9661ec8ed7980c
- SHA256
  
  40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c
- SHA512
  
  47c13184f4a778b93e01f802a5b870681b100c673a834f87624b7fcfa41ef8767ca1d40a8aee50612be4fc1b073d29e0eade5791948be2ee1ddfec301e34cc8b
- SSDEEP
  
  6144:PkskvfXysBXtgeeNMPaZRupn+aZGVXpEqI2JX6gAy/AwA:sBysKEc8B+XLEqIeX6gAy/w
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy