ramnit | 19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99 | Triage

Submit
Reports

Overview

overview

Static

static

19f1adafee...99.dll

windows7-x64

19f1adafee...99.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99
Size

220KB
Sample

221125-xpx18age67
MD5

b9d479b25baaf7e1916e31a06d93e25c
SHA1

ccd791807433347dae6e150d419155e8f5d84c1e
SHA256

19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99
SHA512

01eed34ca7c6244ef44a9b3464f640fb90cbe56bed5ea65d33f3cab500a9b64d9f38f433535de8d9793204427c9e250c2aea53d85f9034c39c6ac0b4b59b88f4
SSDEEP

3072:44vsEahcJAy45zlcEkKE8Ag0FuT0tBzeKKz0aPwJ38SCRcF8bkYx6OVn:44taDpLkKdAOU5aP638SCo8X64

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99.dll

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99.dll

Resource

win10v2004-20220901-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99
- Size
  
  220KB
- MD5
  
  b9d479b25baaf7e1916e31a06d93e25c
- SHA1
  
  ccd791807433347dae6e150d419155e8f5d84c1e
- SHA256
  
  19f1adafee0508f108f88a924abaa2bda40aa7ee61248526b00f59811b1ebf99
- SHA512
  
  01eed34ca7c6244ef44a9b3464f640fb90cbe56bed5ea65d33f3cab500a9b64d9f38f433535de8d9793204427c9e250c2aea53d85f9034c39c6ac0b4b59b88f4
- SSDEEP
  
  3072:44vsEahcJAy45zlcEkKE8Ag0FuT0tBzeKKz0aPwJ38SCRcF8bkYx6OVn:44taDpLkKdAOU5aP638SCo8X64
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy