ramnit | a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9 | Triage

Submit
Reports

Overview

overview

Static

static

3

a1d5eb2c07...b9.dll

windows7-x64

a1d5eb2c07...b9.dll

windows10-2004-x64

Sharing

General

Target

a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9
Size

2.3MB
Sample

241119-te1sksxpdx
MD5

da0218ed3c8030568b18ea12513f2e90
SHA1

f023f984534f81ad45855fbf519ffc464dc2df92
SHA256

a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9
SHA512

6771bbc0a3d186d099de6bb6194e31064a16549deb5dfcf2034e212ca619a7513ba433ecf98fb4811dcec5c946ba28637cd92b3abd87817f67a91791b32fcd3b
SSDEEP

49152:cuHn/D1V9nA3qPNrw1Xk0PPA8FqRI52NPhWoJ:cuH7tA3qrw1Xk0PPA8FqRZ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9.dll

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9
- Size
  
  2.3MB
- MD5
  
  da0218ed3c8030568b18ea12513f2e90
- SHA1
  
  f023f984534f81ad45855fbf519ffc464dc2df92
- SHA256
  
  a1d5eb2c07bf3461fe82163bed8faf9147e039f334fa5cf174373909bbb270b9
- SHA512
  
  6771bbc0a3d186d099de6bb6194e31064a16549deb5dfcf2034e212ca619a7513ba433ecf98fb4811dcec5c946ba28637cd92b3abd87817f67a91791b32fcd3b
- SSDEEP
  
  49152:cuHn/D1V9nA3qPNrw1Xk0PPA8FqRI52NPhWoJ:cuH7tA3qrw1Xk0PPA8FqRZ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy