ramnit | 97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

97db566af6...5d.exe

windows7-x64

97db566af6...5d.exe

windows10-2004-x64

Sharing

General

Target

97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d
Size

97KB
Sample

221203-1acnhsbb5y
MD5

015365be6d6ca1c5bb82fd6787453c1e
SHA1

1961eb9cbf4d15aebce45a018f6cd0345b9f935d
SHA256

97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d
SHA512

388b361cbacda4aec9f2770f794eda8ea7d32796ce13c983f09d52ad31fb57259d70a77f4ff545bc926afa44985ae753c509347369d4155f73fc6eeb1dcc421e
SSDEEP

1536:YzZZpp48Zd0lo+4EMMyO3OexOSEowTwBjzvcmJoxDWqfqNII2Ca2B:GZSlI/HUOjSiToj7CEqfqg2B

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d.exe

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d
- Size
  
  97KB
- MD5
  
  015365be6d6ca1c5bb82fd6787453c1e
- SHA1
  
  1961eb9cbf4d15aebce45a018f6cd0345b9f935d
- SHA256
  
  97db566af656abd58c651dece63b9a45d212433e3e38bf73b04eb17b65799a5d
- SHA512
  
  388b361cbacda4aec9f2770f794eda8ea7d32796ce13c983f09d52ad31fb57259d70a77f4ff545bc926afa44985ae753c509347369d4155f73fc6eeb1dcc421e
- SSDEEP
  
  1536:YzZZpp48Zd0lo+4EMMyO3OexOSEowTwBjzvcmJoxDWqfqNII2Ca2B:GZSlI/HUOjSiToj7CEqfqg2B
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy