ramnit | 13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd | Triage

Submit
Reports

Overview

overview

Static

static

13d3aab156...cd.dll

windows7-x64

13d3aab156...cd.dll

windows10-2004-x64

Sharing

General

Target

13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd
Size

152KB
Sample

221127-yd1teadd32
MD5

c3fe36c180b99b948c3b40b7d647363c
SHA1

0943db3fd21463372fc708aa812d14aa36fcec1e
SHA256

13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd
SHA512

78bbdf2c402719e5d26c735a9cf2a44b8bbbd45f1e04407a66aa7aaec3eae39d4c3e7fab2287a7d43425c9374f12cde51b31811d5b6a70f55a36b1105cf1a861
SSDEEP

1536:Ym43KToJcVmBapBQ7op2u4PkUGelpLt5Pt36lR4uVCDsQFRP2C/44N4DXs8aE6yw:bn4cV8gf2u41Z5tKlmuMD0vDcVywPgS

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd.dll

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd
- Size
  
  152KB
- MD5
  
  c3fe36c180b99b948c3b40b7d647363c
- SHA1
  
  0943db3fd21463372fc708aa812d14aa36fcec1e
- SHA256
  
  13d3aab1560b8f35fa9e93bbdfb2497364ced7ea94e7ff1f43a50806b959e1cd
- SHA512
  
  78bbdf2c402719e5d26c735a9cf2a44b8bbbd45f1e04407a66aa7aaec3eae39d4c3e7fab2287a7d43425c9374f12cde51b31811d5b6a70f55a36b1105cf1a861
- SSDEEP
  
  1536:Ym43KToJcVmBapBQ7op2u4PkUGelpLt5Pt36lR4uVCDsQFRP2C/44N4DXs8aE6yw:bn4cV8gf2u41Z5tKlmuMD0vDcVywPgS
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy