ramnit

General

Target

2024-11-15_4659b9cb8fb2d7e7e9154cbd29f008c4_bkransomware_ramnit
Size

3.4MB
Sample

241115-nvw7fatdnh
MD5

4659b9cb8fb2d7e7e9154cbd29f008c4
SHA1

cd589be90f9f012bb981dffc9c603c3041404b4d
SHA256

2accae9c4377f2cc1826425bbd536f7bed5695dff2d11db4aec2b01e7c363dcb
SHA512

7fb4fa87a55b597d7fa569307714cc274686e6cdcfd23b5b1b8fde5aa2e300113fd2efc5e9ebca03cd2b640ee6411790d9663d5ecc56768ac4ee6ebc102579d8
SSDEEP

98304:48CN2qephlvHVu8JE7zvDCpsih8VCRe+FLOAkGkzdnEVomFHKnPWKY:4YVeCpsih3e+FLOyomFHKnPWKY

Score

10^/10

Malware Config

Targets

- Target
  
  2024-11-15_4659b9cb8fb2d7e7e9154cbd29f008c4_bkransomware_ramnit
- Size
  
  3.4MB
- MD5
  
  4659b9cb8fb2d7e7e9154cbd29f008c4
- SHA1
  
  cd589be90f9f012bb981dffc9c603c3041404b4d
- SHA256
  
  2accae9c4377f2cc1826425bbd536f7bed5695dff2d11db4aec2b01e7c363dcb
- SHA512
  
  7fb4fa87a55b597d7fa569307714cc274686e6cdcfd23b5b1b8fde5aa2e300113fd2efc5e9ebca03cd2b640ee6411790d9663d5ecc56768ac4ee6ebc102579d8
- SSDEEP
  
  98304:48CN2qephlvHVu8JE7zvDCpsih8VCRe+FLOAkGkzdnEVomFHKnPWKY:4YVeCpsih3e+FLOyomFHKnPWKY
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2