ramnit | 37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362 | Triage

Submit
Reports

Overview

overview

Static

static

3

37016e9571...2N.dll

windows7-x64

37016e9571...2N.dll

windows10-2004-x64

Sharing

General

Target

37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362N.exe
Size

116KB
Sample

241118-md3r8atqgx
MD5

41e680c2f1210e19230af1c2d03da3e0
SHA1

5951b49a3c7ce85507ba6096ab05c52b6a1a64c3
SHA256

37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362
SHA512

3844feae47f2a7930b2081d365976a794bbcb8d1ea19902faf73e9a2e9245005fd748327133d34ad58ce4fbb39b031e3ecff1e404f56a325e7bf1fea9d2638bd
SSDEEP

1536:juTLBvTKbySZyICNoOk619WQaJVYNyA3M1xgbbKEBQxK74G5BIq5ewYYN:jc4bygyICNoOXnWQOVYNg9EQxa7w2

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362N.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362N.exe
- Size
  
  116KB
- MD5
  
  41e680c2f1210e19230af1c2d03da3e0
- SHA1
  
  5951b49a3c7ce85507ba6096ab05c52b6a1a64c3
- SHA256
  
  37016e95717e3908c5d79f248a42c849ba6f5f2acad163c94dea70f71846d362
- SHA512
  
  3844feae47f2a7930b2081d365976a794bbcb8d1ea19902faf73e9a2e9245005fd748327133d34ad58ce4fbb39b031e3ecff1e404f56a325e7bf1fea9d2638bd
- SSDEEP
  
  1536:juTLBvTKbySZyICNoOk619WQaJVYNyA3M1xgbbKEBQxK74G5BIq5ewYYN:jc4bygyICNoOXnWQOVYNg9EQxa7w2
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy