ramnit | c059a32f921f670c8db1697cda5adf502cb95c8fec8fe3040a5ee647c784c3bd | Triage

Sharing

General

Target

c059a32f921f670c8db1697cda5adf502cb95c8fec8fe3040a5ee647c784c3bd
Size

50KB
Sample

221206-rph96shh2x
MD5

350a1d996529d453fa9defcdc726b40b
SHA1

cd4f2d27824110424dcc7992eb9d74e9155a2720
SHA256

c059a32f921f670c8db1697cda5adf502cb95c8fec8fe3040a5ee647c784c3bd
SHA512

a2b2cdfb61613426cdb9bf6b2530835c2e1afa8f9e3cf44803ad0683eeb405f737f1e8886e655688ff0a906732e91e463b3b6df111af24e36f3cdbb0d2c49ca1
SSDEEP

768:dY3s+AgMsM06FCiqOzDxANKedkqQDL0pxbZoky4vynGA+NeHG/hIq/jA7i5O:jrCiqIDxANKedk5SxOvGAKB9bdk

Score

10^/10

ramnit banker spyware stealer trojan worm

Malware Config

Targets

- Target
  
  c059a32f921f670c8db1697cda5adf502cb95c8fec8fe3040a5ee647c784c3bd
- Size
  
  50KB
- MD5
  
  350a1d996529d453fa9defcdc726b40b
- SHA1
  
  cd4f2d27824110424dcc7992eb9d74e9155a2720
- SHA256
  
  c059a32f921f670c8db1697cda5adf502cb95c8fec8fe3040a5ee647c784c3bd
- SHA512
  
  a2b2cdfb61613426cdb9bf6b2530835c2e1afa8f9e3cf44803ad0683eeb405f737f1e8886e655688ff0a906732e91e463b3b6df111af24e36f3cdbb0d2c49ca1
- SSDEEP
  
  768:dY3s+AgMsM06FCiqOzDxANKedkqQDL0pxbZoky4vynGA+NeHG/hIq/jA7i5O:jrCiqIDxANKedk5SxOvGAKB9bdk
Score

10^/10

ramnit banker spyware stealer trojan worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanworm

behavioral2

ramnitbankerspywarestealertrojanworm