ramnit | 50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c | Triage

Submit
Reports

Overview

overview

Static

static

3

50b947c064...3c.dll

windows7-x64

50b947c064...3c.dll

windows10-2004-x64

Sharing

General

Target

50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c.exe
Size

847KB
Sample

250108-c3agvssmhl
MD5

7054b33ff435a263265dd141568b5f31
SHA1

8b7393fdac942dac81131d39105b17b36caac152
SHA256

50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c
SHA512

81abf3d4c43f7541df38be271b6340a5a596509ee97beac943cb95050162ebb1ee8f6c1b902ea364a69de040eca3bc18886eef7ad9989492819d9c73058760b4
SSDEEP

12288:x2aqaPt3XB387UAJRDolkb+BAlBrQtF1SRlx9hwvtOV0ZW:x2aqet/AJRDolkb+mvctF1qlx7w1W

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c.exe
- Size
  
  847KB
- MD5
  
  7054b33ff435a263265dd141568b5f31
- SHA1
  
  8b7393fdac942dac81131d39105b17b36caac152
- SHA256
  
  50b947c06432f14813da7c2d7135efeb5a0dcc03263930322a803e8ccf02e23c
- SHA512
  
  81abf3d4c43f7541df38be271b6340a5a596509ee97beac943cb95050162ebb1ee8f6c1b902ea364a69de040eca3bc18886eef7ad9989492819d9c73058760b4
- SSDEEP
  
  12288:x2aqaPt3XB387UAJRDolkb+BAlBrQtF1SRlx9hwvtOV0ZW:x2aqet/AJRDolkb+mvctF1qlx7w1W
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy