ramnit | 0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7 | Triage

Submit
Reports

Overview

overview

Static

static

0f6fbd2f81...a7.dll

windows7-x64

0f6fbd2f81...a7.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7
Size

556KB
Sample

221205-qz5eqahh4s
MD5

0ce6912e551a11694466aa224fc2c147
SHA1

aee44abdb1be34d06ed4cc6338c0b0e8aa52ad6e
SHA256

0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7
SHA512

b0a2432443df96615bb9b28b0e831302335076a1bd055d03988a15cba40ec74b6cc2e8d17479d280e2635082600929099900e725055f37d6c6b9c06d5cce25ca
SSDEEP

12288:fhpUrEIZJqr1AkBWwNa5R0EYl795/amaX3QXaPKUZv/R28dvMTeJc+:f/jG01NHXaPpY8dcwz

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7.dll

Resource

win10v2004-20220812-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7
- Size
  
  556KB
- MD5
  
  0ce6912e551a11694466aa224fc2c147
- SHA1
  
  aee44abdb1be34d06ed4cc6338c0b0e8aa52ad6e
- SHA256
  
  0f6fbd2f81a455719a414731cae3280b74253d284b1ad77e69079bd56300dba7
- SHA512
  
  b0a2432443df96615bb9b28b0e831302335076a1bd055d03988a15cba40ec74b6cc2e8d17479d280e2635082600929099900e725055f37d6c6b9c06d5cce25ca
- SSDEEP
  
  12288:fhpUrEIZJqr1AkBWwNa5R0EYl795/amaX3QXaPKUZv/R28dvMTeJc+:f/jG01NHXaPpY8dcwz
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy