ramnit

General

Target

51513bbb6bf59812e0ac3421caf8ebfdeb8d5cf56c7bff6d0865c36f91f98b0dN.exe
Size

1.2MB
Sample

241216-fsdnbaxkdm
MD5

ccb2b1c946c9455700f40cd46a4f1820
SHA1

3d86b523cfb5892f2821313526c14a9b486c840a
SHA256

51513bbb6bf59812e0ac3421caf8ebfdeb8d5cf56c7bff6d0865c36f91f98b0d
SHA512

bf18716bb5948b04f35ad3800edc3e63ed2a17c1eeabfa199ef2d38e3eeed2549b8b94554a02660b8c08d61bbf786c982fe1be09135be8487c02be5492a07fbc
SSDEEP

12288:EqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+YdHUCR:EnajQEPnvg6PhWDC750sJR

Score

10^/10

Malware Config

Targets

- Target
  
  51513bbb6bf59812e0ac3421caf8ebfdeb8d5cf56c7bff6d0865c36f91f98b0dN.exe
- Size
  
  1.2MB
- MD5
  
  ccb2b1c946c9455700f40cd46a4f1820
- SHA1
  
  3d86b523cfb5892f2821313526c14a9b486c840a
- SHA256
  
  51513bbb6bf59812e0ac3421caf8ebfdeb8d5cf56c7bff6d0865c36f91f98b0d
- SHA512
  
  bf18716bb5948b04f35ad3800edc3e63ed2a17c1eeabfa199ef2d38e3eeed2549b8b94554a02660b8c08d61bbf786c982fe1be09135be8487c02be5492a07fbc
- SSDEEP
  
  12288:EqOPajQUXXP8QvLWFx6Mo5rippDC7ee1hpls4Ey+YdHUCR:EnajQEPnvg6PhWDC750sJR
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2