ramnit | b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d | Triage

Submit
Reports

Overview

overview

Static

static

3

b56e29dbeb...8d.dll

windows7-x64

b56e29dbeb...8d.dll

windows10-2004-x64

Sharing

General

Target

b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d.exe
Size

386KB
Sample

241211-q2mmpavlhy
MD5

d7b472caa2cf71209ce7a06f442a1f59
SHA1

5bcd2f5fccd97856db0f332bd02a1a227d222597
SHA256

b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d
SHA512

11c278a8d70d21ed4cc9cd48f1015d6451b44e08e7ee8159c2f0b2651f42d79443d96d9019b97c163c063c9e7e0c59fb0bf77b5efa4809815944b84b6a0b6848
SSDEEP

6144:6ZUlm384BhhmfmmKgyWy3iKVCq5A4HaeapaqaBe/xEMNkbYe:6Slm388hYfmmKgyExEM9e

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d.dll

Resource

win7-20240729-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d.exe
- Size
  
  386KB
- MD5
  
  d7b472caa2cf71209ce7a06f442a1f59
- SHA1
  
  5bcd2f5fccd97856db0f332bd02a1a227d222597
- SHA256
  
  b56e29dbeb4f7a15308e0403196c422d8dec48bcd63d3230adb8f7cb9805e68d
- SHA512
  
  11c278a8d70d21ed4cc9cd48f1015d6451b44e08e7ee8159c2f0b2651f42d79443d96d9019b97c163c063c9e7e0c59fb0bf77b5efa4809815944b84b6a0b6848
- SSDEEP
  
  6144:6ZUlm384BhhmfmmKgyWy3iKVCq5A4HaeapaqaBe/xEMNkbYe:6Slm388hYfmmKgyExEM9e
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy