Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

9bf6fd6305823fdc46f440947c453c9b25fc5a558552d49f210136c3d39a0c64
Size

94KB
Sample

230129-qbzjkahg6z
MD5

13eb3016cfc7c0d19262104ff4d76b9f
SHA1

a51fc76b9cc91c5a64d9e01607ccc55a3f70b77e
SHA256

9bf6fd6305823fdc46f440947c453c9b25fc5a558552d49f210136c3d39a0c64
SHA512

7bc8a0627ca3f723d36bd033a5691b951bf9422754c96bbb4579a985e0a5f8444212508c4fef3b1bee912b47a650339340fc12730af67ea1058116478c478750
SSDEEP

1536:c2iAx9tTrvqoCSrZOEUoEUd1nIC1hvYE/QVn2RCvsniyXlpAlo1eh+cy:cGvF1nIIYT2IKDm1hvy

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Malware Config

Targets

- Target
  
  9bf6fd6305823fdc46f440947c453c9b25fc5a558552d49f210136c3d39a0c64
- Size
  
  94KB
- MD5
  
  13eb3016cfc7c0d19262104ff4d76b9f
- SHA1
  
  a51fc76b9cc91c5a64d9e01607ccc55a3f70b77e
- SHA256
  
  9bf6fd6305823fdc46f440947c453c9b25fc5a558552d49f210136c3d39a0c64
- SHA512
  
  7bc8a0627ca3f723d36bd033a5691b951bf9422754c96bbb4579a985e0a5f8444212508c4fef3b1bee912b47a650339340fc12730af67ea1058116478c478750
- SSDEEP
  
  1536:c2iAx9tTrvqoCSrZOEUoEUd1nIC1hvYE/QVn2RCvsniyXlpAlo1eh+cy:cGvF1nIIYT2IKDm1hvy
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm