ramnit | 131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

131be0a9cc...e0.exe

windows7-x64

131be0a9cc...e0.exe

windows10-2004-x64

Sharing

General

Target

131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0.exe
Size

168KB
Sample

241226-h6r4zazkgz
MD5

17c230c0076183a6c1007453b4a231be
SHA1

32a364ce866ac209d56e9c78c6b27d931f28c3aa
SHA256

131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0
SHA512

94cea063543b7e2d4ae6c50d10122eac7199019a60a23723af4cbb45643718517ae08971a78f8df07336390022749101f930a0f6ac895894d6dfe81a4449080e
SSDEEP

3072:mR6zmokL4tzbicGBPMC99S+bGRliB4ohBNy:G7L4hic89Zbl6o34

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0.exe
- Size
  
  168KB
- MD5
  
  17c230c0076183a6c1007453b4a231be
- SHA1
  
  32a364ce866ac209d56e9c78c6b27d931f28c3aa
- SHA256
  
  131be0a9cce8a992b70fdabf92e240e9bdc37828c50fa165b85655fce4500ee0
- SHA512
  
  94cea063543b7e2d4ae6c50d10122eac7199019a60a23723af4cbb45643718517ae08971a78f8df07336390022749101f930a0f6ac895894d6dfe81a4449080e
- SSDEEP
  
  3072:mR6zmokL4tzbicGBPMC99S+bGRliB4ohBNy:G7L4hic89Zbl6o34
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy