ramnit | 713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

713958d8c9...10.dll

windows7-x64

713958d8c9...10.dll

windows10-2004-x64

Sharing

General

Target

713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410
Size

415KB
Sample

221129-jqzpjsdd4v
MD5

a14059423dc51c62438f411edc18f310
SHA1

cda6a98b89eb4b86a4fe6bcb664e19564044bb86
SHA256

713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410
SHA512

52dea35cc31599670e834c9e344ca8950ea741b76e1f71ad1144a52093a2d1bf470f1604ad56f78125342a9382172444c8ad6a570da4debb09731eecfa74ff14
SSDEEP

12288:PG9j9IOiSjGY84OVA4p/LDDXJJ8LadERe:++SjL84OO4VLDD5jSe

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410
- Size
  
  415KB
- MD5
  
  a14059423dc51c62438f411edc18f310
- SHA1
  
  cda6a98b89eb4b86a4fe6bcb664e19564044bb86
- SHA256
  
  713958d8c97829211d9812d1911cb96e002997078d07197d6c6b841cf7a87410
- SHA512
  
  52dea35cc31599670e834c9e344ca8950ea741b76e1f71ad1144a52093a2d1bf470f1604ad56f78125342a9382172444c8ad6a570da4debb09731eecfa74ff14
- SSDEEP
  
  12288:PG9j9IOiSjGY84OVA4p/LDDXJJ8LadERe:++SjL84OO4VLDD5jSe
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy