ramnit | f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648 | Triage

Submit
Reports

Overview

overview

Static

static

3

f4bd66dea2...8N.exe

windows7-x64

f4bd66dea2...8N.exe

windows10-2004-x64

Sharing

General

Target

f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648N.exe
Size

69KB
Sample

241119-27qgbavmbw
MD5

7d009422fc838e616a4af386d182f5d0
SHA1

71b27eafe6c4ae2b3364291b3b7a7ff11cb294cf
SHA256

f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648
SHA512

5143bfdb3ae5f0895941519be2171f4ee09c8b3d2d79fa055ccaa31813b4836f7ece1a336f3c12d0c25530c3adbf54b288228068560ed6ca296871a03af9d992
SSDEEP

1536:UFFCHsy1xOXIxPwsWrA270O0dhmyvxui6KLm2:UGHsyblhwFjny5uoy

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648N.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648N.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648N.exe
- Size
  
  69KB
- MD5
  
  7d009422fc838e616a4af386d182f5d0
- SHA1
  
  71b27eafe6c4ae2b3364291b3b7a7ff11cb294cf
- SHA256
  
  f4bd66dea2821c2a4afcc59754c3becd273ef8ebc7249991b1fb3694230ca648
- SHA512
  
  5143bfdb3ae5f0895941519be2171f4ee09c8b3d2d79fa055ccaa31813b4836f7ece1a336f3c12d0c25530c3adbf54b288228068560ed6ca296871a03af9d992
- SSDEEP
  
  1536:UFFCHsy1xOXIxPwsWrA270O0dhmyvxui6KLm2:UGHsyblhwFjny5uoy
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy