ramnit | a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08 | Triage

Submit
Reports

Overview

overview

Static

static

3

a142af42dc...8N.exe

windows7-x64

a142af42dc...8N.exe

windows10-2004-x64

Sharing

General

Target

a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08N
Size

256KB
Sample

240919-hsnjmawfpq
MD5

15127d4cd5bf2f8bde1075f2aa720350
SHA1

e231623c005956fee50c2adf9be2f56b93089185
SHA256

a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08
SHA512

ebd4e35a2aafc7477a851c7e940ebe30dce73ec77458bdfd9331d686721925a59c3f5d50a866b08f7c4309c71d93f58e3550b04e3438af713f614433a0010be7
SSDEEP

6144:14C9QS6kCziOuAOuAOuAOuAOuAOuAOuAOuAOu4wwwwwwwwppNNgnmCiPD5:1KjwwwwwwwwpXOn3iPD

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08N.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08N.exe

Resource

win10v2004-20240802-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08N
- Size
  
  256KB
- MD5
  
  15127d4cd5bf2f8bde1075f2aa720350
- SHA1
  
  e231623c005956fee50c2adf9be2f56b93089185
- SHA256
  
  a142af42dce4dd20008229039f08037ba558c721cd637f2e3d6e2122aab29b08
- SHA512
  
  ebd4e35a2aafc7477a851c7e940ebe30dce73ec77458bdfd9331d686721925a59c3f5d50a866b08f7c4309c71d93f58e3550b04e3438af713f614433a0010be7
- SSDEEP
  
  6144:14C9QS6kCziOuAOuAOuAOuAOuAOuAOuAOuAOu4wwwwwwwwppNNgnmCiPD5:1KjwwwwwwwwpXOn3iPD
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy