ramnit | 380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc | Triage

Submit
Reports

Overview

overview

Static

static

3

380232c4d7...dc.dll

windows7-x64

380232c4d7...dc.dll

windows10-2004-x64

Sharing

General

Target

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
Size

353KB
Sample

240417-lgkv5sba22
MD5

c04f67210a558c26d0132036cb2d0c25
SHA1

5896f685f25d4908826960d5dd3e0e82ce2e00c1
SHA256

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
SHA512

825857f3e8020003cd6bf2acac6be61e3174be77ed9aeea77f8cfb6e277d601abdb575f84fac5df3683d225df9902e048a05c10254519170bf811e5917d9b2cd
SSDEEP

6144:O1HCQc7/p7NthksJroUcdp1bw/uu+eLDXfbrTrzDIPS0iYrp1Hfmn1T:O1HCQOTthksJroUmp1bw/5DXfbzz0PSn

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc.dll

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc.dll

Resource

win10v2004-20240412-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
- Size
  
  353KB
- MD5
  
  c04f67210a558c26d0132036cb2d0c25
- SHA1
  
  5896f685f25d4908826960d5dd3e0e82ce2e00c1
- SHA256
  
  380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
- SHA512
  
  825857f3e8020003cd6bf2acac6be61e3174be77ed9aeea77f8cfb6e277d601abdb575f84fac5df3683d225df9902e048a05c10254519170bf811e5917d9b2cd
- SSDEEP
  
  6144:O1HCQc7/p7NthksJroUcdp1bw/uu+eLDXfbrTrzDIPS0iYrp1Hfmn1T:O1HCQOTthksJroUmp1bw/5DXfbzz0PSn
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy