ramnit | 9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627 | Triage

Submit
Reports

Overview

overview

Static

static

3

9f7f66f69d...27.dll

windows7-x64

9f7f66f69d...27.dll

windows10-2004-x64

Sharing

General

Target

9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627.exe
Size

513KB
Sample

250108-fh28xsxmaj
MD5

da3025ac75d8442a7cf9437120c1e44b
SHA1

43fac7e63ecebcc37523e8d36985ab55dfec9121
SHA256

9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627
SHA512

7d0bd7be837c5185e2f40f1c77d1e8e707c7ae738a15c4979aa5dd5e0dffa16d025d9c2ad6dca283472e7a8b85e3884bedc6f4e15c38d0337470d3c6f7fd7009
SSDEEP

6144:JcpVgme/jCaRnuFuwGDh9v7D87ICjC0YUaneDq:iVgmertRuzonhCjC0ZG

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627.exe
- Size
  
  513KB
- MD5
  
  da3025ac75d8442a7cf9437120c1e44b
- SHA1
  
  43fac7e63ecebcc37523e8d36985ab55dfec9121
- SHA256
  
  9f7f66f69ddf3a0dade6c64dfe7c06b56ba6da09b1e82ecc6b83c9db2d7d0627
- SHA512
  
  7d0bd7be837c5185e2f40f1c77d1e8e707c7ae738a15c4979aa5dd5e0dffa16d025d9c2ad6dca283472e7a8b85e3884bedc6f4e15c38d0337470d3c6f7fd7009
- SSDEEP
  
  6144:JcpVgme/jCaRnuFuwGDh9v7D87ICjC0YUaneDq:iVgmertRuzonhCjC0ZG
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy