ramnit | b62d28842167e4e6e2cdb76dc352937f5e7eca5626cdec199b64e3b7476f8d01 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-10-03...it.exe

windows7-x64

2024-10-03...it.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-03_97e515f86b5019d0ed6531f3baeb52d9_icedid_ramnit
Size

475KB
Sample

241003-d2mapssdmp
MD5

97e515f86b5019d0ed6531f3baeb52d9
SHA1

f0320db300194e8c3e1629289ed7dea8abf09f22
SHA256

b62d28842167e4e6e2cdb76dc352937f5e7eca5626cdec199b64e3b7476f8d01
SHA512

f9376a7bff807806674a351265580c618b037ab9c2f228d060ebdc8bb7d3812bcf96e83b02ac4042c2887942e83a56df0c186a2cb23bf0ca022133db52741e3b
SSDEEP

6144:2aGlIYUIrf3M1Nnpfx58Mc+WOcclEaPRiZ2UC73OAOM+h7xmn8fBgFb4tz+QGWb:2ryP1zfMeZnO23ay+h7Bg5wz+QN

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-10-03_97e515f86b5019d0ed6531f3baeb52d9_icedid_ramnit.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-03_97e515f86b5019d0ed6531f3baeb52d9_icedid_ramnit.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-10-03_97e515f86b5019d0ed6531f3baeb52d9_icedid_ramnit
- Size
  
  475KB
- MD5
  
  97e515f86b5019d0ed6531f3baeb52d9
- SHA1
  
  f0320db300194e8c3e1629289ed7dea8abf09f22
- SHA256
  
  b62d28842167e4e6e2cdb76dc352937f5e7eca5626cdec199b64e3b7476f8d01
- SHA512
  
  f9376a7bff807806674a351265580c618b037ab9c2f228d060ebdc8bb7d3812bcf96e83b02ac4042c2887942e83a56df0c186a2cb23bf0ca022133db52741e3b
- SSDEEP
  
  6144:2aGlIYUIrf3M1Nnpfx58Mc+WOcclEaPRiZ2UC73OAOM+h7xmn8fBgFb4tz+QGWb:2ryP1zfMeZnO23ay+h7Bg5wz+QN
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy