ramnit | 2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2f80d1c619...8d.dll

windows7-x64

2f80d1c619...8d.dll

windows10-2004-x64

Sharing

General

Target

2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d
Size

256KB
Sample

221129-jvlcqaaf48
MD5

5ccef01c931b191f115bd8d92a5404d0
SHA1

6f4f4d483b986e17ba7b9bb607ee6bd943b671ad
SHA256

2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d
SHA512

813995ae52d81cf7bf05c01748873c7697c5731070be87b85df8142b724de18527e0b4bbe181f94b980315c867653e17e4c85f2068f0022628bfa7986bb6f5b4
SSDEEP

6144:fIFVzaBPfJZPnzPr3JaMHDnZE3p+NAYDr4Vw/OYrG/:izaBPfJZJzHDnZE3p+2Yd/Oj

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d
- Size
  
  256KB
- MD5
  
  5ccef01c931b191f115bd8d92a5404d0
- SHA1
  
  6f4f4d483b986e17ba7b9bb607ee6bd943b671ad
- SHA256
  
  2f80d1c619be24c647ae080eb41b863e623f1094f1b746516e2c72a63ffbd18d
- SHA512
  
  813995ae52d81cf7bf05c01748873c7697c5731070be87b85df8142b724de18527e0b4bbe181f94b980315c867653e17e4c85f2068f0022628bfa7986bb6f5b4
- SSDEEP
  
  6144:fIFVzaBPfJZPnzPr3JaMHDnZE3p+NAYDr4Vw/OYrG/:izaBPfJZJzHDnZE3p+2Yd/Oj
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy