ramnit | dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869 | Triage

Submit
Reports

Overview

overview

Static

static

3

dbc7b25437...9N.dll

windows7-x64

7

dbc7b25437...9N.dll

windows10-2004-x64

Sharing

General

Target

dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869N.exe
Size

124KB
Sample

241226-dy3taawkgk
MD5

be69266a274aabd650738259d64992b0
SHA1

677c057e18eb7b316af2725fd470532adf9359ce
SHA256

dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869
SHA512

53c8c7b3ef260208d5fa6473fe69cd277135ae105f1987095981036928781060dda376b1861e6506f7b6f98175f1a53ea80561b7366ea03c4d8e98bd41322b29
SSDEEP

3072:8j6tdCcM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4O:8HcvZNDkYR2SqwK/AyVBQ9RIO

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869N.dll

Resource

win7-20240903-en

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869N.exe
- Size
  
  124KB
- MD5
  
  be69266a274aabd650738259d64992b0
- SHA1
  
  677c057e18eb7b316af2725fd470532adf9359ce
- SHA256
  
  dbc7b25437000025f0e11db80b40fc1a616d70b22081fbab175a6e3131b33869
- SHA512
  
  53c8c7b3ef260208d5fa6473fe69cd277135ae105f1987095981036928781060dda376b1861e6506f7b6f98175f1a53ea80561b7366ea03c4d8e98bd41322b29
- SSDEEP
  
  3072:8j6tdCcM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4O:8HcvZNDkYR2SqwK/AyVBQ9RIO
Score

10^/10

discovery ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy