ramnit

General

Target

2025-01-19_a71770683f5474465047295f01644386_mafia_ramnit_revil
Size

4.2MB
Sample

250119-dgbngasrdy
MD5

a71770683f5474465047295f01644386
SHA1

4f6415b644eacd0a642d90ef1f0ef367009db337
SHA256

1b0b4e02e3a671fafd36a6440e9bbf08cc2fb9cdf3949cfc0d0391a058d92f6b
SHA512

45ceb8c2b99fcfbebbb2c05751afd9754048d16d5a006a358ddfcf09e716957d3df9d2ea4c1bbf61c5ec54dab94ece6e19d84d9cfe18d8be5d4ce3101b4f6578
SSDEEP

98304:3MX6JVkHSdJ+dw32m1ZcAE/KWQ4SKHdngNvfn7K5:323U32Oy44SKqN7

Score

10^/10

Malware Config

Targets

- Target
  
  2025-01-19_a71770683f5474465047295f01644386_mafia_ramnit_revil
- Size
  
  4.2MB
- MD5
  
  a71770683f5474465047295f01644386
- SHA1
  
  4f6415b644eacd0a642d90ef1f0ef367009db337
- SHA256
  
  1b0b4e02e3a671fafd36a6440e9bbf08cc2fb9cdf3949cfc0d0391a058d92f6b
- SHA512
  
  45ceb8c2b99fcfbebbb2c05751afd9754048d16d5a006a358ddfcf09e716957d3df9d2ea4c1bbf61c5ec54dab94ece6e19d84d9cfe18d8be5d4ce3101b4f6578
- SSDEEP
  
  98304:3MX6JVkHSdJ+dw32m1ZcAE/KWQ4SKHdngNvfn7K5:323U32Oy44SKqN7
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Ramnit family

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2