ramnit | 859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147 | Triage

Submit
Reports

Overview

overview

Static

static

859dc5c1a6...47.dll

windows7-x64

859dc5c1a6...47.dll

windows10-2004-x64

Sharing

General

Target

859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147
Size

1.3MB
Sample

221127-zq6qvsch5v
MD5

d5389af03787624641d8fe1bea399ca0
SHA1

4aa70ef7acacdc8f82ff1a3303f06b0d414c0a5f
SHA256

859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147
SHA512

7b506bfa2cb934bd3328a83e94ec8ae92072a723a4ac38ae08c19e3582f952ec3e7bc5da2ed6cb42cb2e21358b0f7d8fc2dca36398001810ae99dac915fcae06
SSDEEP

24576:bZjNVCA+eRd/6aXrOkuPORs36nhuah65DnVyMlSglck3KK3Ow9:btCmRdyg676hua05DVzoYck3hOO

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147
- Size
  
  1.3MB
- MD5
  
  d5389af03787624641d8fe1bea399ca0
- SHA1
  
  4aa70ef7acacdc8f82ff1a3303f06b0d414c0a5f
- SHA256
  
  859dc5c1a6108a6ed242832390c7883fa65785b025268f913454ae2426ea9147
- SHA512
  
  7b506bfa2cb934bd3328a83e94ec8ae92072a723a4ac38ae08c19e3582f952ec3e7bc5da2ed6cb42cb2e21358b0f7d8fc2dca36398001810ae99dac915fcae06
- SSDEEP
  
  24576:bZjNVCA+eRd/6aXrOkuPORs36nhuah65DnVyMlSglck3KK3Ow9:btCmRdyg676hua05DVzoYck3hOO
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy