ramnit

General

Target

8f04d4296a225ef0f5360071d8964a3b96f5e39b59877e1dc76477232f679cdaN.exe
Size

3.9MB
Sample

241124-jjs87awpfl
MD5

79b04a58d8e28818c4a67db3792a3800
SHA1

2ad20e7c4ac2be596b3e3d727e3e4840f4b89f5e
SHA256

8f04d4296a225ef0f5360071d8964a3b96f5e39b59877e1dc76477232f679cda
SHA512

bdc21b7a441c661d37af449f438dda43b5611e1498ae6a38572a5317225c8d0bfb1d3333faaccc9b9c21ed3c40bbcde569f1be23d238bcb14409a6f0acfd8856
SSDEEP

3072:4AyDhKVnYyNZHxs1pCUaMTTkoLzrOHh7+Cn537NPeWUX0ip3:4j1KVnd7xs1jOH/pNPeO

Score

10^/10

Malware Config

Targets

- Target
  
  8f04d4296a225ef0f5360071d8964a3b96f5e39b59877e1dc76477232f679cdaN.exe
- Size
  
  3.9MB
- MD5
  
  79b04a58d8e28818c4a67db3792a3800
- SHA1
  
  2ad20e7c4ac2be596b3e3d727e3e4840f4b89f5e
- SHA256
  
  8f04d4296a225ef0f5360071d8964a3b96f5e39b59877e1dc76477232f679cda
- SHA512
  
  bdc21b7a441c661d37af449f438dda43b5611e1498ae6a38572a5317225c8d0bfb1d3333faaccc9b9c21ed3c40bbcde569f1be23d238bcb14409a6f0acfd8856
- SSDEEP
  
  3072:4AyDhKVnYyNZHxs1pCUaMTTkoLzrOHh7+Cn537NPeWUX0ip3:4j1KVnd7xs1jOH/pNPeO
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2