ramnit | 01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e | Triage

Submit
Reports

Overview

overview

Static

static

3

01e674c96e...0e.dll

windows7-x64

01e674c96e...0e.dll

windows10-2004-x64

Sharing

General

Target

01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e
Size

2.9MB
Sample

231204-x3g7xseh25
MD5

916e2ab3eb51a6c691ba4017d60aaefd
SHA1

a783b4f6ba3ade9a8bbc5b2e8dc102b1b4ca6e60
SHA256

01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e
SHA512

5674c2a57b44952364b9998c573c2ef7ec1a4605f8b5dce0ec7b466dc9ac5df6f00b76dad64b5da2793cc957a1c8b00597ad3ece4e3b237d668eaf6d090063cb
SSDEEP

49152:+mlr6FEE1gtUoQAir5BBpJ11brhkUFc78IRT10QK+:+mlr6FEE1gtHcpJ5Fc7ft

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e.dll

Resource

win7-20231130-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e.dll

Resource

win10v2004-20231201-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e
- Size
  
  2.9MB
- MD5
  
  916e2ab3eb51a6c691ba4017d60aaefd
- SHA1
  
  a783b4f6ba3ade9a8bbc5b2e8dc102b1b4ca6e60
- SHA256
  
  01e674c96e195bfce6d2fd3628fddb61115bce0ce4d7b3a7090e00aef181b50e
- SHA512
  
  5674c2a57b44952364b9998c573c2ef7ec1a4605f8b5dce0ec7b466dc9ac5df6f00b76dad64b5da2793cc957a1c8b00597ad3ece4e3b237d668eaf6d090063cb
- SSDEEP
  
  49152:+mlr6FEE1gtUoQAir5BBpJ11brhkUFc78IRT10QK+:+mlr6FEE1gtHcpJ5Fc7ft
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy