ramnit | b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

b1be4d6e6f...34.exe

windows7-x64

b1be4d6e6f...34.exe

windows10-2004-x64

Sharing

General

Target

b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334
Size

94KB
Sample

221205-kllgssce94
MD5

ff1c4502bd4344b51bd096dfe2ee0aeb
SHA1

68cd884dd88682a1cd0fc9b10a9fac2da54ab99c
SHA256

b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334
SHA512

b4776aa952806db0f84e3d38db242d3d08cc3461aafc66324357aa6e5da5e01131a1ef3fa3ca8ba555f0bda45d4c4cae3b83a62a1e76f7a7fb50561364261743
SSDEEP

1536:vh8Zc0c2TUH53F/y8fnFZTd6Ue6IWVvmfYC+zyl+U8/6OV:J8Zc0h4H53F/y0nzTd6UjIWVvn+ot

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334.exe

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334.exe

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334
- Size
  
  94KB
- MD5
  
  ff1c4502bd4344b51bd096dfe2ee0aeb
- SHA1
  
  68cd884dd88682a1cd0fc9b10a9fac2da54ab99c
- SHA256
  
  b1be4d6e6f1da09f8819ecbf19cb40e43a2054865eb1516ea47291a8f1d7a334
- SHA512
  
  b4776aa952806db0f84e3d38db242d3d08cc3461aafc66324357aa6e5da5e01131a1ef3fa3ca8ba555f0bda45d4c4cae3b83a62a1e76f7a7fb50561364261743
- SSDEEP
  
  1536:vh8Zc0c2TUH53F/y8fnFZTd6Ue6IWVvmfYC+zyl+U8/6OV:J8Zc0h4H53F/y0nzTd6UjIWVvn+ot
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy