ramnit | fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd | Triage

Submit
Reports

Overview

overview

Static

static

3

fac24a10c1...bd.dll

windows7-x64

fac24a10c1...bd.dll

windows10-2004-x64

7

Sharing

General

Target

fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd
Size

170KB
Sample

241119-acyqnaydnq
MD5

8d1a318e14221eddf86af0c50f6cb8e4
SHA1

162763d9debb02777701acceef260ee7fda347ff
SHA256

fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd
SHA512

18adafb8e7c14b101c7097e67d4c99da25d76a065893be945a81af03092cf025ef4940b21bc95eff7dea4d39dc014de783c30e8604378a56a0727a67ab3c0ce3
SSDEEP

3072:bcwO/iTOdgWtJ6LkHn/rkiENpYrvQaSISixCC/xwp2rrUDf:bDTOdgWtYCjkR/YrvQaSrcwptDf

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd
- Size
  
  170KB
- MD5
  
  8d1a318e14221eddf86af0c50f6cb8e4
- SHA1
  
  162763d9debb02777701acceef260ee7fda347ff
- SHA256
  
  fac24a10c18cd8829429a366297abeb06956fc7dfb308b73fafbc42357adc1bd
- SHA512
  
  18adafb8e7c14b101c7097e67d4c99da25d76a065893be945a81af03092cf025ef4940b21bc95eff7dea4d39dc014de783c30e8604378a56a0727a67ab3c0ce3
- SSDEEP
  
  3072:bcwO/iTOdgWtJ6LkHn/rkiENpYrvQaSISixCC/xwp2rrUDf:bDTOdgWtYCjkR/YrvQaSrcwptDf
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

© 2018-2024

Terms | Privacy