ramnit | 12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea | Triage

Submit
Reports

Overview

overview

Static

static

3

12de3ea934...ea.dll

windows7-x64

12de3ea934...ea.dll

windows10-2004-x64

Sharing

General

Target

12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea
Size

112KB
Sample

250123-y64e1atlgr
MD5

c44d74cd5f55241ad2faaeb8d78b2468
SHA1

09f12dcbb401e37ec2a5c788fca38650b5af227c
SHA256

12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea
SHA512

20fc1c909d626d7db46b9d58ebc459f92326f2bc73b8424c7ef47c85824ab5b81c756a95871f7844256c7ca3dfa37238f6ff9b069d8dce80fab892a376b7ee32
SSDEEP

1536:ileniGoqPB7yMaDMfKHiLinL6nDBBvoyV2um0uqcqh2SZN0H7o4eOC4VdtRj:8fGBPDffE6nDBTeVhSzK7o43Cij

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea
- Size
  
  112KB
- MD5
  
  c44d74cd5f55241ad2faaeb8d78b2468
- SHA1
  
  09f12dcbb401e37ec2a5c788fca38650b5af227c
- SHA256
  
  12de3ea9345ab2fb69ac26749ed8922c5fff2ca931af5f924766bd36739174ea
- SHA512
  
  20fc1c909d626d7db46b9d58ebc459f92326f2bc73b8424c7ef47c85824ab5b81c756a95871f7844256c7ca3dfa37238f6ff9b069d8dce80fab892a376b7ee32
- SSDEEP
  
  1536:ileniGoqPB7yMaDMfKHiLinL6nDBBvoyV2um0uqcqh2SZN0H7o4eOC4VdtRj:8fGBPDffE6nDBTeVhSzK7o43Cij
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy