ramnit | b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d | Triage

Submit
Reports

Overview

overview

Static

static

3

b9d5a2aee8...4d.exe

windows7-x64

b9d5a2aee8...4d.exe

windows10-2004-x64

Sharing

General

Target

b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d
Size

298KB
Sample

240423-2796qacg27
MD5

f0a7eb4bbf2642d8348fc6341567a847
SHA1

0c4f8558470341fe697618f2d97c050c63c966a6
SHA256

b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d
SHA512

575ab0db90648fbb336b98b376bfee4c0d24e66e9b8ec7b4e5612d5c760eb39769cfc7dfd0908e8df2f4f2c13def89ddf341cb7d15e798bcd58f0776f66f29d2
SSDEEP

6144:SVfjmN/B9gCSDx0ZKaN6RxS8DGvpXsGKLu8Ndjq1yj2:s7+/wCSl0URRLDetmxI1y

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d.exe

Resource

win7-20240215-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d.exe

Resource

win10v2004-20240412-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d
- Size
  
  298KB
- MD5
  
  f0a7eb4bbf2642d8348fc6341567a847
- SHA1
  
  0c4f8558470341fe697618f2d97c050c63c966a6
- SHA256
  
  b9d5a2aee8927f2a9e1866428788c50c5f2840c9466165a1ce3cd0ac610b764d
- SHA512
  
  575ab0db90648fbb336b98b376bfee4c0d24e66e9b8ec7b4e5612d5c760eb39769cfc7dfd0908e8df2f4f2c13def89ddf341cb7d15e798bcd58f0776f66f29d2
- SSDEEP
  
  6144:SVfjmN/B9gCSDx0ZKaN6RxS8DGvpXsGKLu8Ndjq1yj2:s7+/wCSl0URRLDetmxI1y
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy