ramnit | 8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08 | Triage

Submit
Reports

Overview

overview

Static

static

3

8c0b290605...08.dll

windows7-x64

8c0b290605...08.dll

windows10-2004-x64

Sharing

General

Target

8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08.exe
Size

240KB
Sample

241230-2n53navnct
MD5

ac65db1e725e980edd9b4c424f1867c5
SHA1

0bf6302b6cc72cbbf78d5528a66fe28dec9ec270
SHA256

8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08
SHA512

d21dc424abbaf6b483619a604d7177488743637df049a9873057329be464626574d0cd51bf3cd8e2f30c2c95205900df2cf6d886f82b45616339dc0971365d2b
SSDEEP

3072:43Z4B+8x2fCFIpcLy1n5lB7GrDWwqrlK4tb1sA622USAz3y184p:43KB+8A6FecLq1BwytF6DYC11p

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08.exe
- Size
  
  240KB
- MD5
  
  ac65db1e725e980edd9b4c424f1867c5
- SHA1
  
  0bf6302b6cc72cbbf78d5528a66fe28dec9ec270
- SHA256
  
  8c0b2906057e5311d007a9c4ce1fafa3b9d1127e1a90a5ba3e9b58a7856e3d08
- SHA512
  
  d21dc424abbaf6b483619a604d7177488743637df049a9873057329be464626574d0cd51bf3cd8e2f30c2c95205900df2cf6d886f82b45616339dc0971365d2b
- SSDEEP
  
  3072:43Z4B+8x2fCFIpcLy1n5lB7GrDWwqrlK4tb1sA622USAz3y184p:43KB+8A6FecLq1BwytF6DYC11p
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy