ramnit | b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d | Triage

Submit
Reports

Overview

overview

Static

static

3

b2a14bfdfd...6d.dll

windows7-x64

b2a14bfdfd...6d.dll

windows10-2004-x64

Sharing

General

Target

b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d.exe
Size

124KB
Sample

241226-xw7h8svqgy
MD5

54d16fc26d5a926760be2631a0466900
SHA1

1e0bfdc77774dbee96f38e5eaa48fa0e16219d36
SHA256

b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d
SHA512

5a3ffe7b01f8d8a216e91788acb0a2fed4e80682520bc3701bf52dcea3b14e840e29c3f76c76b507caf8ccc93615f7709fc249f3fd7fa83ac5e3e402b93f22df
SSDEEP

3072:Fj6tJY+M7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4o7:FzcvZNDkYR2SqwK/AyVBQ9RIw

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d.exe
- Size
  
  124KB
- MD5
  
  54d16fc26d5a926760be2631a0466900
- SHA1
  
  1e0bfdc77774dbee96f38e5eaa48fa0e16219d36
- SHA256
  
  b2a14bfdfd0f46e9e7db081edee8506d044493cd037b42204e6306844c40aa6d
- SHA512
  
  5a3ffe7b01f8d8a216e91788acb0a2fed4e80682520bc3701bf52dcea3b14e840e29c3f76c76b507caf8ccc93615f7709fc249f3fd7fa83ac5e3e402b93f22df
- SSDEEP
  
  3072:Fj6tJY+M7VmKeZ88Dkj7oR2SqwKJXtf5DGyVBQwIY6X4o7:FzcvZNDkYR2SqwK/AyVBQ9RIw
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy