ramnit | 30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7a | Triage

Submit
Reports

Overview

overview

Static

static

5

30cad55aa9...aN.dll

windows7-x64

30cad55aa9...aN.dll

windows10-2004-x64

Sharing

General

Target

30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7aN
Size

379KB
Sample

241109-h9vdhazgpg
MD5

3caa2baf758a34234f06e60379a3d1a0
SHA1

c978639a787c7a1e1e000e593fd99feb20070956
SHA256

30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7a
SHA512

704e4199cc7c3f38014d70ea49370cb0e0f4f730c9140732a4871c1c57feb8126370eaad32b4d040723ed44372f9b3df2c56c8d9b8c19b3268d02eef73fa8b9f
SSDEEP

6144:nc5z3F+mzWu9/ANUqIAGh6u053Sdi88PCqr9YjhDtgZME83ufg+8ojmS:c5zziZNURVs3SMEF+jS

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7aN.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7aN.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7aN
- Size
  
  379KB
- MD5
  
  3caa2baf758a34234f06e60379a3d1a0
- SHA1
  
  c978639a787c7a1e1e000e593fd99feb20070956
- SHA256
  
  30cad55aa9115e1843f144fab6330e9f1cc2af343a414375d0cd3b8d1f4c9f7a
- SHA512
  
  704e4199cc7c3f38014d70ea49370cb0e0f4f730c9140732a4871c1c57feb8126370eaad32b4d040723ed44372f9b3df2c56c8d9b8c19b3268d02eef73fa8b9f
- SSDEEP
  
  6144:nc5z3F+mzWu9/ANUqIAGh6u053Sdi88PCqr9YjhDtgZME83ufg+8ojmS:c5zziZNURVs3SMEF+jS
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy