ramnit | aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b | Triage

Submit
Reports

Overview

overview

Static

static

1

aa50e821a2...8b.exe

windows7-x64

aa50e821a2...8b.exe

windows10-2004-x64

Sharing

General

Target

aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b
Size

2.6MB
Sample

221125-xe8pzafg59
MD5

875bef404c53ce608bb70fe1bdf4d43d
SHA1

f9c9abfd3484ddd9b08fa3d0e17a737f3a6fc80d
SHA256

aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b
SHA512

4bb5d376e2410e1b913bf805b74cb481ef4897c08b55033152e8e31fe241f78c2dd1a8771192c1dead9566538e640cec7e346187c01186e6023b8c795e77ea8f
SSDEEP

49152:27yfyD2phLtaAGcoaNKIayOzRk1K03Cscw/j7iD/WlClxY9Go8ThJGDy:zDLQA8AONkX3tf2WlCTYUV9JQy

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b.exe

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b
- Size
  
  2.6MB
- MD5
  
  875bef404c53ce608bb70fe1bdf4d43d
- SHA1
  
  f9c9abfd3484ddd9b08fa3d0e17a737f3a6fc80d
- SHA256
  
  aa50e821a2ea565d5b409ca6f7da2d0c507549b19c0fb130f0a8d3ad7016848b
- SHA512
  
  4bb5d376e2410e1b913bf805b74cb481ef4897c08b55033152e8e31fe241f78c2dd1a8771192c1dead9566538e640cec7e346187c01186e6023b8c795e77ea8f
- SSDEEP
  
  49152:27yfyD2phLtaAGcoaNKIayOzRk1K03Cscw/j7iD/WlClxY9Go8ThJGDy:zDLQA8AONkX3tf2WlCTYUV9JQy
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy