ramnit | 48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6 | Triage

Submit
Reports

Overview

overview

Static

static

3

48d83455b9...d6.dll

windows7-x64

48d83455b9...d6.dll

windows10-2004-x64

Sharing

General

Target

48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6.exe
Size

2.5MB
Sample

250123-19acfaxphl
MD5

286c871bca3610af9d52823235e73816
SHA1

44efc89e8f8c59aa6c099aabeb477e26e76de7c1
SHA256

48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6
SHA512

9987011effb55cb7ab8cc9a3ff3846bc9693e17e2fb9b4cf7cddad71a264c06d687e21990fbe9b5c14454bcc6bb2b04fedcb8975cb255c25f1131ee44c803404
SSDEEP

49152:lrjJBVKYHRK2AE0By+HX2E81fREZh2YF2DxoSP0WqxwLc827MGk64A9dF2yL:lhnKYHU2AEStHX2PfREZh21SS8WqxP80

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

120 seconds

Malware Config

Targets

- Target
  
  48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6.exe
- Size
  
  2.5MB
- MD5
  
  286c871bca3610af9d52823235e73816
- SHA1
  
  44efc89e8f8c59aa6c099aabeb477e26e76de7c1
- SHA256
  
  48d83455b9131fac7ceb5db5b90844b72e44b0250b6a9a57ab0716caceef4fd6
- SHA512
  
  9987011effb55cb7ab8cc9a3ff3846bc9693e17e2fb9b4cf7cddad71a264c06d687e21990fbe9b5c14454bcc6bb2b04fedcb8975cb255c25f1131ee44c803404
- SSDEEP
  
  49152:lrjJBVKYHRK2AE0By+HX2E81fREZh2YF2DxoSP0WqxwLc827MGk64A9dF2yL:lhnKYHU2AEStHX2PfREZh21SS8WqxP80
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy