ramnit | dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0 | Triage

Submit
Reports

Overview

overview

Static

static

3

dd698974e2...0N.exe

windows7-x64

dd698974e2...0N.exe

windows10-2004-x64

Sharing

General

Target

dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0N.exe
Size

300KB
Sample

250117-ayc13swmex
MD5

20e6615733c026aa75e152787e42d4c0
SHA1

3df50c9bbae49921cdd923f406b4136d050782a2
SHA256

dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0
SHA512

8bcc891a80fde1bebcd94267da4f08cbadf4f134b011dd29b3271c04cc7e27ce44bc8586297b0910c9ba9a17ad629390cdb0b13be54fc8549edb2e3ef9f958ab
SSDEEP

6144:I2sFizBZhdVXzt2Yg++pakzc9Dr1PaoWP:I2sF4hdZZzgxpatrk

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0N.exe

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0N.exe

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0N.exe
- Size
  
  300KB
- MD5
  
  20e6615733c026aa75e152787e42d4c0
- SHA1
  
  3df50c9bbae49921cdd923f406b4136d050782a2
- SHA256
  
  dd698974e2a356f46b4eca92218ba828c9c9299727e2eb6548ba145bfc10a3f0
- SHA512
  
  8bcc891a80fde1bebcd94267da4f08cbadf4f134b011dd29b3271c04cc7e27ce44bc8586297b0910c9ba9a17ad629390cdb0b13be54fc8549edb2e3ef9f958ab
- SSDEEP
  
  6144:I2sFizBZhdVXzt2Yg++pakzc9Dr1PaoWP:I2sF4hdZZzgxpatrk
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy