ramnit | e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8 | Triage

Submit
Reports

Overview

overview

Static

static

3

e136c21f9f...f8.dll

windows7-x64

e136c21f9f...f8.dll

windows10-2004-x64

Sharing

General

Target

e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8
Size

1.5MB
Sample

250104-lnjawswlcr
MD5

bcbfc7839264f98cb26fe153cf61490b
SHA1

6a5cfc34aef0d04bc4221a8d2890d7fc657fd9b2
SHA256

e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8
SHA512

3e7cf79b16f93a8d4ee14386712c472752d53d21eeeb97f1dd7d1e36550c7642b51238d7c87c5e92f4b9a850828f431fec32b88f7cce06eb9553dd89c5b65e47
SSDEEP

24576:QOlbBZ3Dvbubi2HrQFYx8DezmfYDTi0Ju7/c8ssai1fnsxdm9iYCMsBNwxDlxNM8:QTWmy8uBt2lKojyp/AtTChqwd

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8
- Size
  
  1.5MB
- MD5
  
  bcbfc7839264f98cb26fe153cf61490b
- SHA1
  
  6a5cfc34aef0d04bc4221a8d2890d7fc657fd9b2
- SHA256
  
  e136c21f9f91ec75c1c6406eab733b929b0bb044389287b39b3fe5cbd9e7acf8
- SHA512
  
  3e7cf79b16f93a8d4ee14386712c472752d53d21eeeb97f1dd7d1e36550c7642b51238d7c87c5e92f4b9a850828f431fec32b88f7cce06eb9553dd89c5b65e47
- SSDEEP
  
  24576:QOlbBZ3Dvbubi2HrQFYx8DezmfYDTi0Ju7/c8ssai1fnsxdm9iYCMsBNwxDlxNM8:QTWmy8uBt2lKojyp/AtTChqwd
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy