ramnit | 8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8 | Triage

Submit
Reports

Overview

overview

Static

static

3

8e61e100ed...d8.exe

windows7-x64

8e61e100ed...d8.exe

windows10-2004-x64

Sharing

General

Target

8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8.exe
Size

309KB
Sample

241118-x1qraaykan
MD5

bd837fbcd575f454e98769b567ce7fd7
SHA1

c8f27c507b7fd4993136e32e7c3e19ba1a350db6
SHA256

8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8
SHA512

ed7fb2d536fb0ea6b64668eea5193c00a4143034a2e951a580d3b2d47f8e974bb460c821b8273f4d7acf26de10eeeb254e48ca5b011248100bfb23eec1f1e95e
SSDEEP

6144:abz1BFNQGjTdUzNf92ThnS4azNpJ0RFZg6Yw:a9LVd0n3tJ/0RFZghw

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8.exe
- Size
  
  309KB
- MD5
  
  bd837fbcd575f454e98769b567ce7fd7
- SHA1
  
  c8f27c507b7fd4993136e32e7c3e19ba1a350db6
- SHA256
  
  8e61e100ed4af5bda6838a42690a7848b05d137c56b606ec0377e591c043e7d8
- SHA512
  
  ed7fb2d536fb0ea6b64668eea5193c00a4143034a2e951a580d3b2d47f8e974bb460c821b8273f4d7acf26de10eeeb254e48ca5b011248100bfb23eec1f1e95e
- SSDEEP
  
  6144:abz1BFNQGjTdUzNf92ThnS4azNpJ0RFZg6Yw:a9LVd0n3tJ/0RFZghw
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy