ramnit | 5ddfa26a51a4c10b09d9ac9c62e8981b293344f19f3812d9b77e3cf33a7aa183 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-10-02...it.exe

windows7-x64

2024-10-02...it.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-02_ffa03ba778330e2d14419fb10f967e34_mafia_ramnit
Size

344KB
Sample

241002-x33tmawemh
MD5

ffa03ba778330e2d14419fb10f967e34
SHA1

5ecd9824c804ce3a47d6d3cf2d99e33bdc2a433f
SHA256

5ddfa26a51a4c10b09d9ac9c62e8981b293344f19f3812d9b77e3cf33a7aa183
SHA512

fa11b47c4a057240d80ca75765fd6503cc60fa07e025641299158415aa67dd4cc559c5bfbe7d2c40812631ae1e4b2664f0b6ce5acc202aa99e16f96bcdcaf718
SSDEEP

6144:o5ZFn5ui1oXpvT3hnyX2+Bf1cPOtJF8aiMhSY4yTHwsGHTeL:o95/1oXxTRnO2+Bf0OWaiMhSYnH1UA

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-10-02_ffa03ba778330e2d14419fb10f967e34_mafia_ramnit.exe

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-02_ffa03ba778330e2d14419fb10f967e34_mafia_ramnit.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-10-02_ffa03ba778330e2d14419fb10f967e34_mafia_ramnit
- Size
  
  344KB
- MD5
  
  ffa03ba778330e2d14419fb10f967e34
- SHA1
  
  5ecd9824c804ce3a47d6d3cf2d99e33bdc2a433f
- SHA256
  
  5ddfa26a51a4c10b09d9ac9c62e8981b293344f19f3812d9b77e3cf33a7aa183
- SHA512
  
  fa11b47c4a057240d80ca75765fd6503cc60fa07e025641299158415aa67dd4cc559c5bfbe7d2c40812631ae1e4b2664f0b6ce5acc202aa99e16f96bcdcaf718
- SSDEEP
  
  6144:o5ZFn5ui1oXpvT3hnyX2+Bf1cPOtJF8aiMhSY4yTHwsGHTeL:o95/1oXxTRnO2+Bf0OWaiMhSYnH1UA
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy