ramnit | 1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1e061d17ed...da.dll

windows7-x64

1e061d17ed...da.dll

windows10-2004-x64

8

Sharing

General

Target

1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da
Size

712KB
Sample

221205-qzlbvaed99
MD5

b0598f603501f4c19c6b5e12bbad0140
SHA1

58abbab28c4290b4acf8c06b211cd0a495a5cad7
SHA256

1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da
SHA512

5ea1551674e23d26899cc2763cf34c071dedc9b804d944b9738c850fa553ea1059fef8432cf3e026c182ea5d0748bf8b0511ec76a3b01fd16362e95cbebf5876
SSDEEP

12288:KehnaNPpSVZmNxRCwnwm3W3OHIIf5Gs/Yklv44iNAzQxBJ:Keh0PpS6NxNnwYeOHXwKYwtiN3l

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

Behavioral task

behavioral1

Sample

1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da.dll

Resource

win7-20220812-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da
- Size
  
  712KB
- MD5
  
  b0598f603501f4c19c6b5e12bbad0140
- SHA1
  
  58abbab28c4290b4acf8c06b211cd0a495a5cad7
- SHA256
  
  1e061d17ed2f09115446a86883259be650c0dc6f11e6db3631882194760e94da
- SHA512
  
  5ea1551674e23d26899cc2763cf34c071dedc9b804d944b9738c850fa553ea1059fef8432cf3e026c182ea5d0748bf8b0511ec76a3b01fd16362e95cbebf5876
- SSDEEP
  
  12288:KehnaNPpSVZmNxRCwnwm3W3OHIIf5Gs/Yklv44iNAzQxBJ:Keh0PpS6NxNnwYeOHXwKYwtiN3l
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.