ramnit | ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555e | Triage

Submit
Reports

Overview

overview

Static

static

3

ab2688822a...eN.dll

windows7-x64

ab2688822a...eN.dll

windows10-2004-x64

Sharing

General

Target

ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555eN.exe
Size

847KB
Sample

250108-3pvtraylat
MD5

368421d6e2e5267eb91f3976b1308d30
SHA1

7d5123036a037a69042d5b2324a8b463e3cd4794
SHA256

ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555e
SHA512

2486bbe2c3c0cd71448bda6e1ea3516577d6a15133c9ad78c8ced2c9a3a6cec682888ac99db0de3e99b05261b8d6b2a647ec8fe81db0cf7c8761a4e795f24d42
SSDEEP

12288:x2aqaPt3XB387UAJRDolkb+BAlBrQtF1SRlx9hwvtOV0Z:x2aqet/AJRDolkb+mvctF1qlx7w1

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555eN.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555eN.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555eN.exe
- Size
  
  847KB
- MD5
  
  368421d6e2e5267eb91f3976b1308d30
- SHA1
  
  7d5123036a037a69042d5b2324a8b463e3cd4794
- SHA256
  
  ab2688822ac9f78489d4e05a4c1e34ff63a918ce94673cf2c01010586e66555e
- SHA512
  
  2486bbe2c3c0cd71448bda6e1ea3516577d6a15133c9ad78c8ced2c9a3a6cec682888ac99db0de3e99b05261b8d6b2a647ec8fe81db0cf7c8761a4e795f24d42
- SSDEEP
  
  12288:x2aqaPt3XB387UAJRDolkb+BAlBrQtF1SRlx9hwvtOV0Z:x2aqet/AJRDolkb+mvctF1qlx7w1
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy