ramnit | 4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca | Triage

Submit
Reports

Overview

overview

Static

static

1

4b041b65b3...ca.exe

windows7-x64

4b041b65b3...ca.exe

windows10-2004-x64

Sharing

General

Target

4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca
Size

26.2MB
Sample

221128-rdm4zsdd6w
MD5

ee110195c3dd099e020a8abe665d5179
SHA1

87f95305bc6649482a651ed7d8122c0615c037d8
SHA256

4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca
SHA512

44342c12422cbaa82377ba6e4db8cf45b0b1059525c87225b77b9ed902d0ceb838e37d4fc7a8c594cca79c1693e0b060648a42c8951ee3d7338f0d91d7d7eb43
SSDEEP

393216:bQzW5cdeF+ifym9aq5Y7DjXf10UU2BrS4F+GDmo3CThIgPvikdvH6vkGk0RER6U:bQz5iqm987UsrS4F+GDoigPtH6vxqR6U

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca.exe

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca
- Size
  
  26.2MB
- MD5
  
  ee110195c3dd099e020a8abe665d5179
- SHA1
  
  87f95305bc6649482a651ed7d8122c0615c037d8
- SHA256
  
  4b041b65b399310b81e64b006e1c120a300bf02c17ca8bed1a6d96bd624b70ca
- SHA512
  
  44342c12422cbaa82377ba6e4db8cf45b0b1059525c87225b77b9ed902d0ceb838e37d4fc7a8c594cca79c1693e0b060648a42c8951ee3d7338f0d91d7d7eb43
- SSDEEP
  
  393216:bQzW5cdeF+ifym9aq5Y7DjXf10UU2BrS4F+GDmo3CThIgPvikdvH6vkGk0RER6U:bQz5iqm987UsrS4F+GDoigPtH6vxqR6U
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy