ramnit | f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309 | Triage

Submit
Reports

Overview

overview

Static

static

f438ad7cf2...09.dll

windows7-x64

f438ad7cf2...09.dll

windows10-2004-x64

Sharing

General

Target

f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309
Size

432KB
Sample

221202-gyctmsdg3s
MD5

7ff26362d97fe5e5f5e0d3bf359f57f0
SHA1

4d4108e8ee815f0bf65234209d9996852cb69683
SHA256

f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309
SHA512

565866346ae58bfa6d8dded4d40f9755bcc25295881509b86a0125babdd71e689e3acd75e6fa6b7fadc31fbab3fe0373d6ad485e8edad8d6db2ce53ac83babc4
SSDEEP

6144:eXo450qjYthP24A+NONm/IVsQqR36aHWPX6ojylBIce1EFAOuUJ9sY:eXo450qjYthuCNIm/kqF6a2FjyHIDi

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309.dll

Resource

win7-20221111-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309
- Size
  
  432KB
- MD5
  
  7ff26362d97fe5e5f5e0d3bf359f57f0
- SHA1
  
  4d4108e8ee815f0bf65234209d9996852cb69683
- SHA256
  
  f438ad7cf22e3f5156fa6f5d6960b386f72d2a468883681714e28733a4dc9309
- SHA512
  
  565866346ae58bfa6d8dded4d40f9755bcc25295881509b86a0125babdd71e689e3acd75e6fa6b7fadc31fbab3fe0373d6ad485e8edad8d6db2ce53ac83babc4
- SSDEEP
  
  6144:eXo450qjYthP24A+NONm/IVsQqR36aHWPX6ojylBIce1EFAOuUJ9sY:eXo450qjYthuCNIm/kqF6a2FjyHIDi
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy