ramnit | 115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e | Triage

Submit
Reports

Overview

overview

Static

static

3

115b3ecabc...4e.dll

windows7-x64

115b3ecabc...4e.dll

windows10-2004-x64

7

Sharing

General

Target

115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e
Size

456KB
Sample

241113-yh35bsxne1
MD5

0e75ff88cda6b552dbd7c823511e5adc
SHA1

c9cbbec555e7ebadfd3bbe059648dd0faf9a8e16
SHA256

115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e
SHA512

5cd3959f2aff978c16c30d8a7134cbf5535084705e315dcc5975d223a1104bf003c9be4801743f31773920bd0963734a285274942a020efb449fb76850ef6e66
SSDEEP

12288:5n2QK/lGRgOUqmq9kR6lhKXPqljtOBZh+axlQP:5n2QK/cRgOnmq9g6uqKLh+emP

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e.dll

Resource

win7-20241023-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e
- Size
  
  456KB
- MD5
  
  0e75ff88cda6b552dbd7c823511e5adc
- SHA1
  
  c9cbbec555e7ebadfd3bbe059648dd0faf9a8e16
- SHA256
  
  115b3ecabcad34213c2392e2918daa5b41a77c55d6efd5df2d33462e6054174e
- SHA512
  
  5cd3959f2aff978c16c30d8a7134cbf5535084705e315dcc5975d223a1104bf003c9be4801743f31773920bd0963734a285274942a020efb449fb76850ef6e66
- SSDEEP
  
  12288:5n2QK/lGRgOUqmq9kR6lhKXPqljtOBZh+axlQP:5n2QK/cRgOnmq9g6uqKLh+emP
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2025

Terms | Privacy