ramnit | 3e764285adea480b3fb2f685bac5a075189fd984d3619b47f6cea56fa387ed8b | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-03-27...it.exe

windows7-x64

2024-03-27...it.exe

windows10-2004-x64

Sharing

General

Target

2024-03-27_24c804f1c5d63c55558fd9092199b43a_karagany_mafia_ramnit
Size

311KB
Sample

240327-tx3d5afh69
MD5

24c804f1c5d63c55558fd9092199b43a
SHA1

cfde09ccf7f8bcc753df5cbaaca8ffc2090e283f
SHA256

3e764285adea480b3fb2f685bac5a075189fd984d3619b47f6cea56fa387ed8b
SHA512

4bab90870a73a5c342b1ce30a5fd01ac8e82a848753b7c1e51d89f47156cf3ed7473940fcf2eb8993db1cd3bd871f529c8261902a28ab9f96e33a0a9f661d3a4
SSDEEP

6144:Obg3eugrl6p0bQWaM0EW6iZ77BAWEwrbI:yguNrl6p0b2oW6iZh8

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-03-27_24c804f1c5d63c55558fd9092199b43a_karagany_mafia_ramnit.exe

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-27_24c804f1c5d63c55558fd9092199b43a_karagany_mafia_ramnit.exe

Resource

win10v2004-20240226-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-27_24c804f1c5d63c55558fd9092199b43a_karagany_mafia_ramnit
- Size
  
  311KB
- MD5
  
  24c804f1c5d63c55558fd9092199b43a
- SHA1
  
  cfde09ccf7f8bcc753df5cbaaca8ffc2090e283f
- SHA256
  
  3e764285adea480b3fb2f685bac5a075189fd984d3619b47f6cea56fa387ed8b
- SHA512
  
  4bab90870a73a5c342b1ce30a5fd01ac8e82a848753b7c1e51d89f47156cf3ed7473940fcf2eb8993db1cd3bd871f529c8261902a28ab9f96e33a0a9f661d3a4
- SSDEEP
  
  6144:Obg3eugrl6p0bQWaM0EW6iZ77BAWEwrbI:yguNrl6p0b2oW6iZh8
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy