ramnit | 83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94 | Triage

Submit
Reports

Overview

overview

Static

static

3

83777e971a...94.dll

windows7-x64

83777e971a...94.dll

windows10-2004-x64

Sharing

General

Target

83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94
Size

128KB
Sample

241225-achdns1phr
MD5

e5110ce2f43aa7ca02233f61ce690295
SHA1

1c86c0dd1602aae4be5a103088174b6769cc2b27
SHA256

83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94
SHA512

107c631e764ffd4af0c37c14897b6834430560e30f07065c8ab6526b21b1d2aa02deb19da780a4c7f6315d6d8c3bff7686f709be546e80ef0844acc92ef135aa
SSDEEP

3072:iMLMhM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4Y:BcvZNDkYR2SqwK/AyVBQ9RIY

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94
- Size
  
  128KB
- MD5
  
  e5110ce2f43aa7ca02233f61ce690295
- SHA1
  
  1c86c0dd1602aae4be5a103088174b6769cc2b27
- SHA256
  
  83777e971aab9ececdca02949cc358f1684b11441bb04fc34ce9f692bf079a94
- SHA512
  
  107c631e764ffd4af0c37c14897b6834430560e30f07065c8ab6526b21b1d2aa02deb19da780a4c7f6315d6d8c3bff7686f709be546e80ef0844acc92ef135aa
- SSDEEP
  
  3072:iMLMhM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4Y:BcvZNDkYR2SqwK/AyVBQ9RIY
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy