ramnit | ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676 | Triage

Submit
Reports

Overview

overview

Static

static

3

ed0b4d4e31...76.dll

windows7-x64

ed0b4d4e31...76.dll

windows10-2004-x64

Sharing

General

Target

ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676
Size

3.3MB
Sample

250103-e68j6szkcw
MD5

f58610835801009cf7ba115604f94905
SHA1

03d36617604c72a22fb187a576504b4c2b594359
SHA256

ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676
SHA512

bb5736839cf7589c5e50394f2531e1a6047126dc489d02b66e2182918e06f499222cdb8ce9e600550811889ec5384a8b6063d2fd9c912e0a23a72686eba1bf7e
SSDEEP

12288:CclekxppkfkjJ13OuHnsaxS7Z/d3QPn/6nwS+sByjgopluSZJ2yVsjmIG+3pF0AF:DJ13bsao/d3QH6nway/5Z5Ih09T

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676
- Size
  
  3.3MB
- MD5
  
  f58610835801009cf7ba115604f94905
- SHA1
  
  03d36617604c72a22fb187a576504b4c2b594359
- SHA256
  
  ed0b4d4e31f572bffa5c56c0c7677ec6b670e22af504a94d2e1830cab3f5c676
- SHA512
  
  bb5736839cf7589c5e50394f2531e1a6047126dc489d02b66e2182918e06f499222cdb8ce9e600550811889ec5384a8b6063d2fd9c912e0a23a72686eba1bf7e
- SSDEEP
  
  12288:CclekxppkfkjJ13OuHnsaxS7Z/d3QPn/6nwS+sByjgopluSZJ2yVsjmIG+3pF0AF:DJ13bsao/d3QH6nway/5Z5Ih09T
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy