ramnit | 1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405 | Triage

Submit
Reports

Overview

overview

Static

static

3

1a53bdd222...5N.dll

windows7-x64

1a53bdd222...5N.dll

windows10-2004-x64

Sharing

General

Target

1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405N.exe
Size

232KB
Sample

250124-dqbptsxreq
MD5

3ca35360bfcfd535fad4cadd32d39d20
SHA1

7ad1f0ad8d17977d1ffde727351ff770f02706e0
SHA256

1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405
SHA512

d66843f59e86e0b5ec6c8eba264cca22d288a83dfea79c1ff5b4f8194fd06ad190ee60c8232ae00ea226769fb3c964aad36ab1f033a71b0112d1eedf9e562428
SSDEEP

3072:x/U9HG4s/LSPqWHx34+jSc39XtxZSiSq8uv3LlsAEQiw0p9dJ6:xOmzSPqWHB4+uy91S1uv3h5riPbdJ

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405N.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405N.exe
- Size
  
  232KB
- MD5
  
  3ca35360bfcfd535fad4cadd32d39d20
- SHA1
  
  7ad1f0ad8d17977d1ffde727351ff770f02706e0
- SHA256
  
  1a53bdd222644520005317b44d5179c3643dac2c9a7e3c92605ca827b5ffd405
- SHA512
  
  d66843f59e86e0b5ec6c8eba264cca22d288a83dfea79c1ff5b4f8194fd06ad190ee60c8232ae00ea226769fb3c964aad36ab1f033a71b0112d1eedf9e562428
- SSDEEP
  
  3072:x/U9HG4s/LSPqWHx34+jSc39XtxZSiSq8uv3LlsAEQiw0p9dJ6:xOmzSPqWHB4+uy91S1uv3h5riPbdJ
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy