ramnit | 3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5 | Triage

Submit
Reports

Overview

overview

Static

static

3

3637505548...d5.dll

windows7-x64

3637505548...d5.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5
Size

2.5MB
Sample

231117-myqy6agh38
MD5

e7c690ef027a9239d5c69e5b74e654fd
SHA1

9b4ebc19b41128f7c9939a753c0b50d474977de5
SHA256

3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5
SHA512

7914a18a187e632a3d543bf122a13de94268163b60a89d279a755a5f1f7ae9c1cc1c58b288c59cdc35c07ec0fc0c860371bc8d198ec8b8148600b4317b279e48
SSDEEP

49152:oia4dgD4jKPzhD1NI7sH5OpwnfyUjGpaxUKWmSzouTYjVaFZc:oiMD4jGzhnI77wnfjjma+KWmSzQoF6

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5.dll

Resource

win7-20231023-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5.dll

Resource

win10v2004-20231023-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5
- Size
  
  2.5MB
- MD5
  
  e7c690ef027a9239d5c69e5b74e654fd
- SHA1
  
  9b4ebc19b41128f7c9939a753c0b50d474977de5
- SHA256
  
  3637505548f6000e02830f568061b07fa80bd8d21ca60cd938c335b130e16ad5
- SHA512
  
  7914a18a187e632a3d543bf122a13de94268163b60a89d279a755a5f1f7ae9c1cc1c58b288c59cdc35c07ec0fc0c860371bc8d198ec8b8148600b4317b279e48
- SSDEEP
  
  49152:oia4dgD4jKPzhD1NI7sH5OpwnfyUjGpaxUKWmSzouTYjVaFZc:oiMD4jGzhnI77wnfjjma+KWmSzQoF6
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy