ramnit | 06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7 | Triage

Submit
Reports

Overview

overview

Static

static

3

06433f3c88...7N.dll

windows7-x64

06433f3c88...7N.dll

windows10-2004-x64

Sharing

General

Target

06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7N.exe
Size

141KB
Sample

241215-2qptfssnfr
MD5

4c612908d35eee2dd113e7d4f3366a80
SHA1

3d87ea4e2064ab51658256a2fce7bbcce534290f
SHA256

06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7
SHA512

30e30460e8a5e29e6982e9b01e1fb9292ee7393f847bf820f2be0d6850d46f068559a19a85fcdc7fb5fa3b24ae814f19c6c9d9c1b8abd36cd70d24ead47843ee
SSDEEP

3072:rng63cuQYoiOBueq9wccKnZcl3naTbmb5/+efUfZSC9vGc:rn/cXiOBu9wcDZcl3naTbmb55UfZXVGc

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7N.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7N.exe
- Size
  
  141KB
- MD5
  
  4c612908d35eee2dd113e7d4f3366a80
- SHA1
  
  3d87ea4e2064ab51658256a2fce7bbcce534290f
- SHA256
  
  06433f3c8888129342dae6b3de228b91b3d036ca53455d1941838330096906e7
- SHA512
  
  30e30460e8a5e29e6982e9b01e1fb9292ee7393f847bf820f2be0d6850d46f068559a19a85fcdc7fb5fa3b24ae814f19c6c9d9c1b8abd36cd70d24ead47843ee
- SSDEEP
  
  3072:rng63cuQYoiOBueq9wccKnZcl3naTbmb5/+efUfZSC9vGc:rn/cXiOBu9wcDZcl3naTbmb55UfZXVGc
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy