ramnit | 40364afd6375d116623d1f932c865efcb41b1b9658c3e7276e594ae229cb16d8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

SuperDebug.exe

windows7-x64

SuperDebug.exe

windows10-2004-x64

绿色下载站.url

windows7-x64

1

绿色下载站.url

windows10-2004-x64

1

绿色下�...��.url

windows7-x64

1

绿色下�...��.url

windows10-2004-x64

1

Sharing

General

Target

231e2e4698bdc26d8a93bd40594315d7
Size

383KB
Sample

231231-b3z7vafehn
MD5

231e2e4698bdc26d8a93bd40594315d7
SHA1

2ba8aa93561ceca48de082845bfa07fbc9cdd13b
SHA256

40364afd6375d116623d1f932c865efcb41b1b9658c3e7276e594ae229cb16d8
SHA512

e6bd8f1b4437ae4ef9f5463af46e044524548b9a72c047f0ac97c0d116fa8022df592e3823a3c42e39f3a0ddeadde8af49fe17bfbed0604185d6f1a785255228
SSDEEP

6144:p5F4Bk+o4OPtWnaiJ3QdkcfRbf27V4KVfq7fkTNa6kj8ivNymRpfwsJZ9hmCnb8g:PVZ42qaixm82kCNbj8ivN3H4izhmJg

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SuperDebug.exe

Resource

win7-20231215-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

SuperDebug.exe

Resource

win10v2004-20231215-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

绿色下载站.url

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

绿色下载站.url

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

绿色下载站_百度搜索.url

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

绿色下载站_百度搜索.url

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  SuperDebug.exe
- Size
  
  851KB
- MD5
  
  91c86d309860a56ce80e9a493a224e00
- SHA1
  
  2305910467169ce81251e5806eb8630cf1adfec4
- SHA256
  
  c97f87fa5056c992abdb21babd803d117432b0e9cc9fc3126005497c29628ac9
- SHA512
  
  064d552a6e78003828767e40db49efdd69093dfea00b58dc353eaa23f57c871bc86fc36089d0f98d9bc7e9c7086310122c3d873084c8261f55bfe2c9e7671ad2
- SSDEEP
  
  12288:6eOYmHyNYLoQAUHBXNszSDaIQhkutlzpoGzzcUotHD3pZfavKPluH25izhm:6ePmHyNYLoQAUHBXNjJshDEPH7hcKi
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  绿色下载站.url
- Size
  
  271B
- MD5
  
  2716d7679ee5319c650ac158776649f9
- SHA1
  
  0434c31dd1f23f6019aa0c48c8c75b70f2f273fb
- SHA256
  
  bd48cdce63e12b36374535de6845444cd805b89675aa56ad94a934a0156db9c9
- SHA512
  
  2e4cd9d6cc4fbb553306fdf93b794cf2bf23f01278894cd51a47a24c56a0a0ced5d319782eea907ccb567cd03fec21dbf9efcd232c503becd89bdbc4ea7e9bbe
Score

1^/10
behavioral3 behavioral4
- Target
  
  绿色下载站_百度搜索.url
- Size
  
  582B
- MD5
  
  925b5ed6a6f8c6ad3cda39bdbc9b8936
- SHA1
  
  c5d4ac011047cbcc5878fb766e8032d579be079c
- SHA256
  
  03c4cdc2f327762fe2b236ede077597cdadce5ea29eb7bece4923b91d13e27e0
- SHA512
  
  be8bb7af2edc56343a213ad136e1e24d2cb4b3f7963b445f2377e972bb2929002b27e175781fec3c952b61f38391d89446d511fbf35c0fc08ffaea41272811dd
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2025

Terms | Privacy