ramnit | 029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a | Triage

Submit
Reports

Overview

overview

Static

static

3

029a20e3ce...1a.dll

windows7-x64

029a20e3ce...1a.dll

windows10-2004-x64

Sharing

General

Target

029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a
Size

2.5MB
Sample

231204-lack7aab81
MD5

b0db75317ee5c4e062fd1747b546be89
SHA1

64d9155299f202f3c7020905d8a4533cb1e0b4bc
SHA256

029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a
SHA512

9d77e8375f3cbeb94c1528d0117ccf5ecacd64c2e4aa66e13c60b3b02b430dd9e4f6063488b6df30e77f5945c4430cc1d66e556c07a3e921623baf847ce6a203
SSDEEP

49152:Trf3GCVf10Y0NiyPeJ0+Nnpm4ySPBkeTA/80T:Trf33TF0IymJxnwdWk7

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a.dll

Resource

win7-20231020-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a.dll

Resource

win10v2004-20231127-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a
- Size
  
  2.5MB
- MD5
  
  b0db75317ee5c4e062fd1747b546be89
- SHA1
  
  64d9155299f202f3c7020905d8a4533cb1e0b4bc
- SHA256
  
  029a20e3ce82aab01556bc499e3d3bcb65d391e25942d64d315445347e30df1a
- SHA512
  
  9d77e8375f3cbeb94c1528d0117ccf5ecacd64c2e4aa66e13c60b3b02b430dd9e4f6063488b6df30e77f5945c4430cc1d66e556c07a3e921623baf847ce6a203
- SSDEEP
  
  49152:Trf3GCVf10Y0NiyPeJ0+Nnpm4ySPBkeTA/80T:Trf33TF0IymJxnwdWk7
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy