ramnit | 8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377 | Triage

Submit
Reports

Overview

overview

Static

static

3

8417cb2615...77.exe

windows7-x64

8417cb2615...77.exe

windows10-2004-x64

Sharing

General

Target

8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377
Size

808KB
Sample

241125-bawzqayrbx
MD5

9ba8b375f956f8d70311abae421e52f6
SHA1

f631d8937e0a89663d1aceeec78bcc8f54e51a11
SHA256

8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377
SHA512

dc642a3b2e07872a5c60e522f785427895679e42163e6829afdc7873804b1a2f580d9a9c36fb837466aa5555278d57bfa05392366a0d74f4a9dd36f94ad72082
SSDEEP

6144:YcP3ZOyM0FMlj8435o+1XMbOi7slKpPvss8jP8Avsr4ikYbFWgZvFl6ifSJNs9/+:SyMBj843t1XcgOPvLrHNFWAlwKEPuo

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377
- Size
  
  808KB
- MD5
  
  9ba8b375f956f8d70311abae421e52f6
- SHA1
  
  f631d8937e0a89663d1aceeec78bcc8f54e51a11
- SHA256
  
  8417cb2615b15ae8eae74107aae0e6ca31879f51527a578778d2064d67ac6377
- SHA512
  
  dc642a3b2e07872a5c60e522f785427895679e42163e6829afdc7873804b1a2f580d9a9c36fb837466aa5555278d57bfa05392366a0d74f4a9dd36f94ad72082
- SSDEEP
  
  6144:YcP3ZOyM0FMlj8435o+1XMbOi7slKpPvss8jP8Avsr4ikYbFWgZvFl6ifSJNs9/+:SyMBj843t1XcgOPvLrHNFWAlwKEPuo
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy