ramnit | 732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf | Triage

Submit
Reports

Overview

overview

Static

static

3

732d33e5ad...af.dll

windows7-x64

732d33e5ad...af.dll

windows10-2004-x64

Sharing

General

Target

732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf
Size

948KB
Sample

241125-ad2tpssrgn
MD5

ddf71a19a9461207c2d9320de1f6dd45
SHA1

3ba9bc3925835b3a7ce1c980f8ae50e20e7db0c4
SHA256

732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf
SHA512

32e7a8810965e3a9d7d2def33b6f2ec151b503750429c617bcbab46c5c7f7b565d77cf9fca115ffe9ad39bfbc45828ed60c9eeb6fb8687aa4e76a8c9011ea985
SSDEEP

24576:9zb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwP43Qbp9ZSwV0VrDOv:9zbKsUmjtcdPGgIwPYQbpjV0cv

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf
- Size
  
  948KB
- MD5
  
  ddf71a19a9461207c2d9320de1f6dd45
- SHA1
  
  3ba9bc3925835b3a7ce1c980f8ae50e20e7db0c4
- SHA256
  
  732d33e5adab7b396baa22f75f6d5ca84fe0f0b680cce4f4edd56a7738be8eaf
- SHA512
  
  32e7a8810965e3a9d7d2def33b6f2ec151b503750429c617bcbab46c5c7f7b565d77cf9fca115ffe9ad39bfbc45828ed60c9eeb6fb8687aa4e76a8c9011ea985
- SSDEEP
  
  24576:9zb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwP43Qbp9ZSwV0VrDOv:9zbKsUmjtcdPGgIwPYQbpjV0cv
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy