ramnit | abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8 | Triage

Submit
Reports

Overview

overview

Static

static

abda794dd2...d8.dll

windows7-x64

abda794dd2...d8.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8
Size

387KB
Sample

221127-k71hvaad7s
MD5

ef36b5bfc77ccf28be6b42ab61a6b069
SHA1

b6e8be85a9d26fc90a3954db92ab0cda9c6520d9
SHA256

abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8
SHA512

3d1a76042a790b28c7574a2309aa6c00ffddc1b4a0d1ba14daa913cb7acc7f98e57659dd9f8d11bf6f0588608b45b2503c971a3d64883bae3a408178895c8de5
SSDEEP

12288:7uM4nc11eju169PkNROaHrmtccN4aE/es0:r0jr9PkopE

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8.dll

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8
- Size
  
  387KB
- MD5
  
  ef36b5bfc77ccf28be6b42ab61a6b069
- SHA1
  
  b6e8be85a9d26fc90a3954db92ab0cda9c6520d9
- SHA256
  
  abda794dd2384fdee39d1a89e7a07d00239fade7ae3f1abca8cb90744ce703d8
- SHA512
  
  3d1a76042a790b28c7574a2309aa6c00ffddc1b4a0d1ba14daa913cb7acc7f98e57659dd9f8d11bf6f0588608b45b2503c971a3d64883bae3a408178895c8de5
- SSDEEP
  
  12288:7uM4nc11eju169PkNROaHrmtccN4aE/es0:r0jr9PkopE
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy