ramnit | a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960 | Triage

Submit
Reports

Overview

overview

Static

static

3

a74698c4f4...60.dll

windows7-x64

3

a74698c4f4...60.dll

windows10-2004-x64

Sharing

General

Target

a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960.exe
Size

211KB
Sample

241222-qfhrlszmbn
MD5

6faa1af8c7077fa41d49973f939144bc
SHA1

61ab314d609249a6e109814a46d7c6f65a98d26d
SHA256

a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960
SHA512

95f4196a6c16cb812194cbb862e0810f4ad687933b6acdded00f2290e23af30b93468da99aa86a1eaaad71f4d0fb3e5c9543f60ab0c809f6adfce1937efaaadb
SSDEEP

3072:TnMoFkOKCg3CXmSSZlzgeBTg4vRPo5NNFs+XNtUU/chmcFTulOVq5pNOV8SAkb85:TMJOWK4l0wqOVq1W8St8CUHF

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

120 seconds

Behavioral task

behavioral2

Sample

a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

15 signatures

120 seconds

Malware Config

Targets

- Target
  
  a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960.exe
- Size
  
  211KB
- MD5
  
  6faa1af8c7077fa41d49973f939144bc
- SHA1
  
  61ab314d609249a6e109814a46d7c6f65a98d26d
- SHA256
  
  a74698c4f42c2cca66ff854076a2f673729e1da2b444a1f8f0f13c303b9e3960
- SHA512
  
  95f4196a6c16cb812194cbb862e0810f4ad687933b6acdded00f2290e23af30b93468da99aa86a1eaaad71f4d0fb3e5c9543f60ab0c809f6adfce1937efaaadb
- SSDEEP
  
  3072:TnMoFkOKCg3CXmSSZlzgeBTg4vRPo5NNFs+XNtUU/chmcFTulOVq5pNOV8SAkb85:TMJOWK4l0wqOVq1W8St8CUHF
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy