ramnit | b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

b83780c64e...7f.exe

windows7-x64

b83780c64e...7f.exe

windows10-2004-x64

Sharing

General

Target

b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f
Size

7.7MB
Sample

221125-p73qesda5y
MD5

58a1c4a869e803d4092b6293e1c8718d
SHA1

f4b9a3f1b009b0eeea40955707a85eeaae20b2c3
SHA256

b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f
SHA512

bd4010fd6171874065e0332e2d389b4133b49e316c91c67be4e72c9295f3518c027efedc7fbbbb2b3ba81123d03ac8f7a78815e830141aaa3683dd00804d9069
SSDEEP

196608:+QFNk63SELzcfabKmXniJ5jzRdP8V+vR0DMvsKE7:+QzlXfKvmXniJN23DwVE7

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f
- Size
  
  7.7MB
- MD5
  
  58a1c4a869e803d4092b6293e1c8718d
- SHA1
  
  f4b9a3f1b009b0eeea40955707a85eeaae20b2c3
- SHA256
  
  b83780c64e418156e994d4a442aa052a233333169d310735ed564c551e2d077f
- SHA512
  
  bd4010fd6171874065e0332e2d389b4133b49e316c91c67be4e72c9295f3518c027efedc7fbbbb2b3ba81123d03ac8f7a78815e830141aaa3683dd00804d9069
- SSDEEP
  
  196608:+QFNk63SELzcfabKmXniJ5jzRdP8V+vR0DMvsKE7:+QzlXfKvmXniJN23DwVE7
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy