ramnit | eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631 | Triage

Submit
Reports

Overview

overview

Static

static

5

eeca377719...31.dll

windows7-x64

eeca377719...31.dll

windows10-2004-x64

Sharing

General

Target

eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631.exe
Size

181KB
Sample

241210-ywfwyssjar
MD5

f557cab2d058fc7f0ea1dff90917bbb9
SHA1

6f8830cdee2d3d17acb82daeee31f28a678e7ca4
SHA256

eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631
SHA512

53fc5edeb140a8900dc399ea7df4c719e9941ec7832856bd4bcc929cf955062d66edb8b343585a8961221c4a2cc8018d56c24b7d329914a225e6633506eaa053
SSDEEP

3072:nhvKdimeyIEZ1dCJumZF7eOmgyNwV1Hhr768BHQg7bv//MFwFPtj+5X4BIH8:gzemdCJfZ0lNK1Hh36YHVvPMFWe8

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631.dll

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631.exe
- Size
  
  181KB
- MD5
  
  f557cab2d058fc7f0ea1dff90917bbb9
- SHA1
  
  6f8830cdee2d3d17acb82daeee31f28a678e7ca4
- SHA256
  
  eeca377719e171593ed8eece134f4234b543df567c0d3a4b4361674d705f4631
- SHA512
  
  53fc5edeb140a8900dc399ea7df4c719e9941ec7832856bd4bcc929cf955062d66edb8b343585a8961221c4a2cc8018d56c24b7d329914a225e6633506eaa053
- SSDEEP
  
  3072:nhvKdimeyIEZ1dCJumZF7eOmgyNwV1Hhr768BHQg7bv//MFwFPtj+5X4BIH8:gzemdCJfZ0lNK1Hh36YHVvPMFWe8
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy