ramnit | 19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9 | Triage

Submit
Reports

Overview

overview

Static

static

3

19a84d0c99...c9.dll

windows7-x64

7

19a84d0c99...c9.dll

windows10-2004-x64

Sharing

General

Target

19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9.exe
Size

108KB
Sample

241211-bewvhsxqez
MD5

b61e75d963a6954b38f1f7d29eef6445
SHA1

8dc70b25153d95b5c162c23400515f434f974d8d
SHA256

19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9
SHA512

c94c6601016bd50eb6b164dcc017184aac56b9b5502377a491e5e37437ddd78bdeb9c040bec61a228f163f4bf4fa7c1eb5dbb8ee1832513a8f5802fceb98c22e
SSDEEP

3072:0D09MaWLOdfPQdYeW23376WrKMJg1oRuB1yFWgALVfZQg4JfM+tg:0aqOdHQnbKMJg1aAgUMfM+y

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9.dll

Resource

win7-20240903-en

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

15 signatures

120 seconds

Malware Config

Targets

- Target
  
  19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9.exe
- Size
  
  108KB
- MD5
  
  b61e75d963a6954b38f1f7d29eef6445
- SHA1
  
  8dc70b25153d95b5c162c23400515f434f974d8d
- SHA256
  
  19a84d0c990f027f9af77a60ae4203a3c969838c8c69012cbce938894b133cc9
- SHA512
  
  c94c6601016bd50eb6b164dcc017184aac56b9b5502377a491e5e37437ddd78bdeb9c040bec61a228f163f4bf4fa7c1eb5dbb8ee1832513a8f5802fceb98c22e
- SSDEEP
  
  3072:0D09MaWLOdfPQdYeW23376WrKMJg1oRuB1yFWgALVfZQg4JfM+tg:0aqOdHQnbKMJg1aAgUMfM+y
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy