ramnit | 325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37 | Triage

Submit
Reports

Overview

overview

Static

static

3

325d5916ac...37.dll

windows7-x64

7

325d5916ac...37.dll

windows10-2004-x64

Sharing

General

Target

325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37.exe
Size

2.0MB
Sample

241222-ad4y3avmbt
MD5

35db4ac4dcd4ffeb07d06c740d086511
SHA1

70f57f77d181df85f0f801a643e7ac75c73d0b95
SHA256

325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37
SHA512

fb7b9aa116221b67db4f99459153e1c4d3df7ddf29756291e890da2db9cdda2942d8965fda50bb1cf86526ab73a00f6996ce356b0a0e16f7f192a8fdc3ecc73b
SSDEEP

24576:L7IY7a9IRCRqRPkHQo411810cNScGKJydXTZDwmzRMo3DP7x5nbiQj2k70gBZzoU:/IY5RMHMf810Knor5zqo3zNJuQj7jMU

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37.dll

Resource

win7-20240729-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37.exe
- Size
  
  2.0MB
- MD5
  
  35db4ac4dcd4ffeb07d06c740d086511
- SHA1
  
  70f57f77d181df85f0f801a643e7ac75c73d0b95
- SHA256
  
  325d5916ac8acdac5be76a2e536a4f8a668f0e751bf077ccb1b19d05914cdb37
- SHA512
  
  fb7b9aa116221b67db4f99459153e1c4d3df7ddf29756291e890da2db9cdda2942d8965fda50bb1cf86526ab73a00f6996ce356b0a0e16f7f192a8fdc3ecc73b
- SSDEEP
  
  24576:L7IY7a9IRCRqRPkHQo411810cNScGKJydXTZDwmzRMo3DP7x5nbiQj2k70gBZzoU:/IY5RMHMf810Knor5zqo3zNJuQj7jMU
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy