ramnit | aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751 | Triage

Submit
Reports

Overview

overview

Static

static

3

aa394c41bc...51.dll

windows7-x64

aa394c41bc...51.dll

windows10-2004-x64

Sharing

General

Target

aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751.exe
Size

124KB
Sample

241226-f4lhasxpbs
MD5

4d81095027f6138e282232a92497f3ae
SHA1

da97a486eca9f7b92c005f29e20b5cdd2ef6155a
SHA256

aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751
SHA512

1b4f4d4b56ea5a2577918c9950fb6e93a3da9eb9442e21ea716d031f2201297f1d2b11f566de9d1fadf2df29c04232e6bf5df314e26f3a36ad5bae36a6b87e8a
SSDEEP

3072:Dj6t61lM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X49:DycvZNDkYR2SqwK/AyVBQ9RI9

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751.dll

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751.exe
- Size
  
  124KB
- MD5
  
  4d81095027f6138e282232a92497f3ae
- SHA1
  
  da97a486eca9f7b92c005f29e20b5cdd2ef6155a
- SHA256
  
  aa394c41bc7dde4325020597e3a3c34ec9aa0db33f593058ca75cc23a770d751
- SHA512
  
  1b4f4d4b56ea5a2577918c9950fb6e93a3da9eb9442e21ea716d031f2201297f1d2b11f566de9d1fadf2df29c04232e6bf5df314e26f3a36ad5bae36a6b87e8a
- SSDEEP
  
  3072:Dj6t61lM7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X49:DycvZNDkYR2SqwK/AyVBQ9RI9
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy