ramnit | 3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc | Triage

Submit
Reports

Overview

overview

Static

static

8

3d2d0b31a0...fc.exe

windows7-x64

3d2d0b31a0...fc.exe

windows10-2004-x64

Sharing

General

Target

3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc
Size

111KB
Sample

221127-ydjvwshc3v
MD5

db7063dd41623179399e9508beb287e8
SHA1

4c7af2ca9eb7ad2c3fadaaa1a988767efb274c27
SHA256

3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc
SHA512

d41a086b1f521c0c57e23dd1bcf6e42b35d1c4e43132ad3f01783b1d5870b2eca22e9362c826dfb2b8f536a0307e01ca67aabf49e09c92ca7b8523616b457089
SSDEEP

1536:4+hzRsibKplyXTq8OGRnsPFG+RODTb7MXL5uXZnzEL9juPctT80YfIng1/Aum6ci:TROzoTq0+RO7IwnYthd80SoP3CCneB

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc.exe

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc
- Size
  
  111KB
- MD5
  
  db7063dd41623179399e9508beb287e8
- SHA1
  
  4c7af2ca9eb7ad2c3fadaaa1a988767efb274c27
- SHA256
  
  3d2d0b31a0eb5554036bfbe4babf809f51e289c24be9ca06ace4051ffcf6c1fc
- SHA512
  
  d41a086b1f521c0c57e23dd1bcf6e42b35d1c4e43132ad3f01783b1d5870b2eca22e9362c826dfb2b8f536a0307e01ca67aabf49e09c92ca7b8523616b457089
- SSDEEP
  
  1536:4+hzRsibKplyXTq8OGRnsPFG+RODTb7MXL5uXZnzEL9juPctT80YfIng1/Aum6ci:TROzoTq0+RO7IwnYthd80SoP3CCneB
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy