ramnit | 5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc | Triage

Submit
Reports

Overview

overview

Static

static

3

5b785757a1...cc.dll

windows7-x64

5b785757a1...cc.dll

windows10-2004-x64

Sharing

General

Target

5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc.exe
Size

256KB
Sample

250120-lsp91atlgr
MD5

bd4aebf56c70da8339ac13607e33e156
SHA1

532d81f4afb40a407d42f13d099454ce31fda35a
SHA256

5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc
SHA512

2470a7bf8e15493ba70e2c36ffc4246cb862b7d96a157ba8135a80cb2ee247b1c8825600019c0f7d24610e362040f507ea6d3b1dbac3e16b79f7f7f6a5b9f517
SSDEEP

3072:zn4cV8gf2u41Z5tKlFxwHdIWKc8DAGhn8D5sAxvEbzNmBTq/lSKVtB/LFYYSNGGz:74y8gOl2COc8rWD5n+9sTq9TVbRYK6Bd

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

14 signatures

120 seconds

Behavioral task

behavioral2

Sample

5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

14 signatures

120 seconds

Malware Config

Targets

- Target
  
  5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc.exe
- Size
  
  256KB
- MD5
  
  bd4aebf56c70da8339ac13607e33e156
- SHA1
  
  532d81f4afb40a407d42f13d099454ce31fda35a
- SHA256
  
  5b785757a1184e04ab625326f8e5aa4b94a16d3332a73da14de925f81eaf99cc
- SHA512
  
  2470a7bf8e15493ba70e2c36ffc4246cb862b7d96a157ba8135a80cb2ee247b1c8825600019c0f7d24610e362040f507ea6d3b1dbac3e16b79f7f7f6a5b9f517
- SSDEEP
  
  3072:zn4cV8gf2u41Z5tKlFxwHdIWKc8DAGhn8D5sAxvEbzNmBTq/lSKVtB/LFYYSNGGz:74y8gOl2COc8rWD5n+9sTq9TVbRYK6Bd
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy