ramnit | 41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77 | Triage

Submit
Reports

Overview

overview

Static

static

3

41dc56d959...77.dll

windows7-x64

41dc56d959...77.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77
Size

1.9MB
Sample

241119-ws68mazfrl
MD5

45e824b464cfd7bf7a51bec9df9c10a4
SHA1

81565c3ae81cdac3da674790d0b2a2d93979cea1
SHA256

41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77
SHA512

496c39dc5d724dfde39f7133d828eb8735efe0095c5db73116dfc7d9549e3ba38900305707f02d88d93eabecb10aacfb36f1a6dede02d5cbaa5bc0aea67c14b9
SSDEEP

49152:rjed9cEUan53raQEGtbYTBFcYlmtsPg3M:rqdKEn12Q9tbYTBFcYlm

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77
- Size
  
  1.9MB
- MD5
  
  45e824b464cfd7bf7a51bec9df9c10a4
- SHA1
  
  81565c3ae81cdac3da674790d0b2a2d93979cea1
- SHA256
  
  41dc56d9597a14922c305bb40b236fd9437e03daec36b597f1e40fc97e36eb77
- SHA512
  
  496c39dc5d724dfde39f7133d828eb8735efe0095c5db73116dfc7d9549e3ba38900305707f02d88d93eabecb10aacfb36f1a6dede02d5cbaa5bc0aea67c14b9
- SSDEEP
  
  49152:rjed9cEUan53raQEGtbYTBFcYlmtsPg3M:rqdKEn12Q9tbYTBFcYlm
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy