ramnit | cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523 | Triage

Submit
Reports

Overview

overview

Static

static

3

cbf06a4790...3N.dll

windows7-x64

cbf06a4790...3N.dll

windows10-2004-x64

Sharing

General

Target

cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523N.exe
Size

160KB
Sample

250101-1rrtrsymhn
MD5

f0b787b8cce5aa401027ead09b1e5630
SHA1

3d97d869f0a76d4ff5dea9d845f16b1e12b1ab60
SHA256

cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523
SHA512

93bd70b302ed57423343266ee73d258024a2663b6ae3f58bf1f5e6593b7d6bc3ab81af478a85cec77a44a60775f701d65d47638b48c5675524936d804a89e91b
SSDEEP

3072:Y88P73GGCzTgiWsG8utIoToExSvZKTj4nj:YFC/g0GEXoSvZKTjGj

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523N.dll

Resource

win7-20240708-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

120 seconds

Malware Config

Targets

- Target
  
  cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523N.exe
- Size
  
  160KB
- MD5
  
  f0b787b8cce5aa401027ead09b1e5630
- SHA1
  
  3d97d869f0a76d4ff5dea9d845f16b1e12b1ab60
- SHA256
  
  cbf06a4790108ec1fa1a352a648b2cc583dc0b4345044a5bd79a253a99c9f523
- SHA512
  
  93bd70b302ed57423343266ee73d258024a2663b6ae3f58bf1f5e6593b7d6bc3ab81af478a85cec77a44a60775f701d65d47638b48c5675524936d804a89e91b
- SSDEEP
  
  3072:Y88P73GGCzTgiWsG8utIoToExSvZKTj4nj:YFC/g0GEXoSvZKTjGj
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy