ramnit | ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034 | Triage

Submit
Reports

Overview

overview

Static

static

ab6f469b95...34.dll

windows7-x64

ab6f469b95...34.dll

windows10-2004-x64

Sharing

General

Target

ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034
Size

707KB
Sample

221127-st4mcagf22
MD5

7be9ab9165aa82f71c09f7ba9e71ab78
SHA1

26bc05d1c9b1cd8f66ef5fb7e869a392365f31fa
SHA256

ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034
SHA512

88c9ee76f51bb2fd84a2d3c4240c35ac8709e061c89e7f5aca1b921c5e3aeeadba4bbc760a0a86664a53fb96b16fa21b17265701448e01e7191def7756ac1651
SSDEEP

12288:71QQyEsDaSQvdUy8CdqWHTG2EX8R+epU9zvPEUPzcPd0Mv:7JaD3odtIsR+UU9zvP9zc

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034.dll

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034
- Size
  
  707KB
- MD5
  
  7be9ab9165aa82f71c09f7ba9e71ab78
- SHA1
  
  26bc05d1c9b1cd8f66ef5fb7e869a392365f31fa
- SHA256
  
  ab6f469b9572c9e07115e2e52f18ce90ad77534d9a8bc02fe9cffa82bc8f5034
- SHA512
  
  88c9ee76f51bb2fd84a2d3c4240c35ac8709e061c89e7f5aca1b921c5e3aeeadba4bbc760a0a86664a53fb96b16fa21b17265701448e01e7191def7756ac1651
- SSDEEP
  
  12288:71QQyEsDaSQvdUy8CdqWHTG2EX8R+epU9zvPEUPzcPd0Mv:7JaD3odtIsR+UU9zvP9zc
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy