ramnit | 6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1 | Triage

Submit
Reports

Overview

overview

Static

static

3

6c756cda87...a1.dll

windows7-x64

6c756cda87...a1.dll

windows10-2004-x64

Sharing

General

Target

6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1
Size

124KB
Sample

241224-284ekazpcx
MD5

9fe8e5376fdec908ed52e0141c9bc430
SHA1

0824f40d42f6282f0865194a888298d9b2c63f68
SHA256

6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1
SHA512

6f2317c017685a5c5cd8d5d5403eb809fc37dd20bb60c190b66ef6fa15496c29e0eb7a5024de227f110ab6e9047444d41f898efabe7b382dd183daedd576a9a3
SSDEEP

3072:ijulMZM5M7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4Z:i9BcvZNDkYR2SqwK/AyVBQ9RIZ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1
- Size
  
  124KB
- MD5
  
  9fe8e5376fdec908ed52e0141c9bc430
- SHA1
  
  0824f40d42f6282f0865194a888298d9b2c63f68
- SHA256
  
  6c756cda8715992748c27f05b0b22653b94ad46231395cd290c97977bb0475a1
- SHA512
  
  6f2317c017685a5c5cd8d5d5403eb809fc37dd20bb60c190b66ef6fa15496c29e0eb7a5024de227f110ab6e9047444d41f898efabe7b382dd183daedd576a9a3
- SSDEEP
  
  3072:ijulMZM5M7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4Z:i9BcvZNDkYR2SqwK/AyVBQ9RIZ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy