ramnit | 2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4 | Triage

Submit
Reports

Overview

overview

Static

static

1

2ceb8305fc...e4.exe

windows7-x64

2ceb8305fc...e4.exe

windows10-2004-x64

Sharing

General

Target

2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4
Size

5.3MB
Sample

221127-ydp2xadc95
MD5

a2633c1493a7223f435483600813af75
SHA1

96383faa427b60134bc67161f836afcf31e25b51
SHA256

2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4
SHA512

0b7d89c9d6e3a43bc13947814d321f3b21c9bc4867055a1eb7dcd2270542ca88dad9377e89443086f0a780154849f5591718e9515134b674dbc01d5026eb5f48
SSDEEP

98304:kDLQA8AONk+kP5X/ubUTTqpykOZuXGeFMNkWkcTA2VgJQm:SQFNkTP5PubUTwykHXHeNLcvb

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4
- Size
  
  5.3MB
- MD5
  
  a2633c1493a7223f435483600813af75
- SHA1
  
  96383faa427b60134bc67161f836afcf31e25b51
- SHA256
  
  2ceb8305fc9be3931100e7292e38f789c058c4ff22e2e10e09e6228887cf4ee4
- SHA512
  
  0b7d89c9d6e3a43bc13947814d321f3b21c9bc4867055a1eb7dcd2270542ca88dad9377e89443086f0a780154849f5591718e9515134b674dbc01d5026eb5f48
- SSDEEP
  
  98304:kDLQA8AONk+kP5X/ubUTTqpykOZuXGeFMNkWkcTA2VgJQm:SQFNkTP5PubUTwykHXHeNLcvb
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy