ramnit | 007f6886f89ec4fe4f1eae0f16068bf4edff60a1ab7bda33569e465cc8e614a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba8c4b63263bb97614e2fe83b9d13a53
Size

412KB
Sample

240308-fdrlmafd83
MD5

ba8c4b63263bb97614e2fe83b9d13a53
SHA1

f62a29b4f6a0b109077b188e5f18779c4d8af807
SHA256

007f6886f89ec4fe4f1eae0f16068bf4edff60a1ab7bda33569e465cc8e614a1
SHA512

f77e457be8ade1d001c2e35658c277db51d5e79c625021155fa3f997505f39854090e75d0b873a03badaa4cc89f26da29c548f27bfd5dd1c125535cf268b99e1
SSDEEP

6144:atabWqqyC92AabYSzCkL3Z9g5KKiJrgDz+Y9Gp0JYuP9JB/Hcc:i/9Zab/Ck9qghJrEz+Y4qFnB3

Score

10^/10

ramnit banker spyware stealer trojan worm

Malware Config

Targets

- Target
  
  ba8c4b63263bb97614e2fe83b9d13a53
- Size
  
  412KB
- MD5
  
  ba8c4b63263bb97614e2fe83b9d13a53
- SHA1
  
  f62a29b4f6a0b109077b188e5f18779c4d8af807
- SHA256
  
  007f6886f89ec4fe4f1eae0f16068bf4edff60a1ab7bda33569e465cc8e614a1
- SHA512
  
  f77e457be8ade1d001c2e35658c277db51d5e79c625021155fa3f997505f39854090e75d0b873a03badaa4cc89f26da29c548f27bfd5dd1c125535cf268b99e1
- SSDEEP
  
  6144:atabWqqyC92AabYSzCkL3Z9g5KKiJrgDz+Y9Gp0JYuP9JB/Hcc:i/9Zab/Ck9qghJrEz+Y4qFnB3
Score

10^/10

ramnit banker spyware stealer trojan worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanworm

behavioral2

ramnitbankerspywarestealertrojanworm