ramnit | 5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f | Triage

Submit
Reports

Overview

overview

Static

static

5102bc5666...8f.dll

windows7-x64

5102bc5666...8f.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f
Size

168KB
Sample

221129-jtcdesae49
MD5

9dfde919f10b586067b83b0bc9e7919d
SHA1

6530468d608e4a2193f3d51db1b57bf4edf0d357
SHA256

5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f
SHA512

0cd9056dd86c5f524e2aec2ffd3ecd78331bb362ca7ad96e9b960855aeedb8af9bb2d61264c7c902eb2ad9a4728559642d32f9d803ab51264d4b2f11ff74db24
SSDEEP

3072:zU56QNTz2RSGAj55pFoXg9PN0e2Hq8It7xQJ2KSGQ4AdGNlBc9H:o5tTzySGAj5bCwPpAhI9xOTScK

Score

10^/10

ramnit adware banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f.dll

Resource

win7-20221111-en

ramnit adware banker spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f
- Size
  
  168KB
- MD5
  
  9dfde919f10b586067b83b0bc9e7919d
- SHA1
  
  6530468d608e4a2193f3d51db1b57bf4edf0d357
- SHA256
  
  5102bc5666b56237ff9471870a10562cc7b51e0bd5199af304d03aae08ffc88f
- SHA512
  
  0cd9056dd86c5f524e2aec2ffd3ecd78331bb362ca7ad96e9b960855aeedb8af9bb2d61264c7c902eb2ad9a4728559642d32f9d803ab51264d4b2f11ff74db24
- SSDEEP
  
  3072:zU56QNTz2RSGAj55pFoXg9PN0e2Hq8It7xQJ2KSGQ4AdGNlBc9H:o5tTzySGAj5bCwPpAhI9xOTScK
Score

10^/10

ramnit adware banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitadwarebankerspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy