ramnit | f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd | Triage

Submit
Reports

Overview

overview

Static

static

f1b7d1731f...fd.dll

windows7-x64

8

f1b7d1731f...fd.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd
Size

294KB
Sample

221129-tjcxbade94
MD5

a7de27d7514c03ee6e037eaea742cd30
SHA1

2372da87d7a437f7cb8627425e536293f71c6b71
SHA256

f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd
SHA512

cd5ec2f7b09e0a4da696063f7cc6a7eb683fdbc6b85b0620565944ec00a7389c6e4e98f8a34dee4daf7b48dea3fd69ac27a4bb1d613ecd71dee1c676eeadda1f
SSDEEP

6144:DxGMku94XCzTurXzXRlbDC9K69u2m+SqOWcsQQKiY4leDDGoggH/VREG6j4Gm01f:DxGCOXzXRlbDC9K69u2m+SqOWcsQQKiX

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd.dll

Resource

win7-20221111-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd.dll

Resource

win10v2004-20221111-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd
- Size
  
  294KB
- MD5
  
  a7de27d7514c03ee6e037eaea742cd30
- SHA1
  
  2372da87d7a437f7cb8627425e536293f71c6b71
- SHA256
  
  f1b7d1731f2cbcf27babe8afe3d2f7a3e7b060ca1c9dfa1f8f5dcb3ca9811dfd
- SHA512
  
  cd5ec2f7b09e0a4da696063f7cc6a7eb683fdbc6b85b0620565944ec00a7389c6e4e98f8a34dee4daf7b48dea3fd69ac27a4bb1d613ecd71dee1c676eeadda1f
- SSDEEP
  
  6144:DxGMku94XCzTurXzXRlbDC9K69u2m+SqOWcsQQKiY4leDDGoggH/VREG6j4Gm01f:DxGCOXzXRlbDC9K69u2m+SqOWcsQQKiX
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy