ramnit | e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5 | Triage

Submit
Reports

Overview

overview

Static

static

e469bcdecf...c5.exe

windows7-x64

e469bcdecf...c5.exe

windows10-2004-x64

Sharing

General

Target

e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5
Size

1.0MB
Sample

221128-yl7xpace59
MD5

5dce5f122b859b71f3f3d36177e64ef4
SHA1

b5dffcc21bec41724a6a62543abf2152e05bca99
SHA256

e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5
SHA512

525fe3a40980be5fa7af54443f876b007e0fa696d50a526d64f02ad24076683b41176ef29ca971381d5b186099d57dbe61391bfca733dec47fcfc96b9a887baf
SSDEEP

12288:yLiqcklCQ8UbRS1LTQV5L5I7TqNjtK81fFBc9wER5nWFpPoSl5lLs1:yuBkJ8GR0LTQVh5gTUzFBc9wXbH5W1

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5.exe

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5.exe

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5
- Size
  
  1.0MB
- MD5
  
  5dce5f122b859b71f3f3d36177e64ef4
- SHA1
  
  b5dffcc21bec41724a6a62543abf2152e05bca99
- SHA256
  
  e469bcdecfab5a756222181a69beedc9a92a8eac7ed34b26f7ff7fc52a9757c5
- SHA512
  
  525fe3a40980be5fa7af54443f876b007e0fa696d50a526d64f02ad24076683b41176ef29ca971381d5b186099d57dbe61391bfca733dec47fcfc96b9a887baf
- SSDEEP
  
  12288:yLiqcklCQ8UbRS1LTQV5L5I7TqNjtK81fFBc9wER5nWFpPoSl5lLs1:yuBkJ8GR0LTQVh5gTUzFBc9wXbH5W1
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy