ramnit | 56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080e | Triage

Submit
Reports

Overview

overview

Static

static

3

56e2476a1c...eN.exe

windows7-x64

56e2476a1c...eN.exe

windows10-2004-x64

Sharing

General

Target

56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080eN.exe
Size

198KB
Sample

241210-rlb2pasneq
MD5

17c77037f77b4d00969143fa29e45ee0
SHA1

bb9c545cb32c36e6c8fd7a3cd3906df9425666f5
SHA256

56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080e
SHA512

c965c35c1e3bfea658008d8c04fac2a9809e675e44d2c4a396f247190da142e0df50a032542f4788e1db3d9f5969d24f164f06927b8283673e20f14dcb1f1cda
SSDEEP

3072:i1ZntgK0+KH+lwOU3aO2ypNvG1rpvrRCRBgLVs9bwFPtj+5X4BIH:8ZtZI+lwOUKO9G/vrWmV0We

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080eN.exe

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080eN.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080eN.exe
- Size
  
  198KB
- MD5
  
  17c77037f77b4d00969143fa29e45ee0
- SHA1
  
  bb9c545cb32c36e6c8fd7a3cd3906df9425666f5
- SHA256
  
  56e2476a1c16a555d945241205a7cac168b44fb8761fd6107ed15e316e0f080e
- SHA512
  
  c965c35c1e3bfea658008d8c04fac2a9809e675e44d2c4a396f247190da142e0df50a032542f4788e1db3d9f5969d24f164f06927b8283673e20f14dcb1f1cda
- SSDEEP
  
  3072:i1ZntgK0+KH+lwOU3aO2ypNvG1rpvrRCRBgLVs9bwFPtj+5X4BIH:8ZtZI+lwOUKO9G/vrWmV0We
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy