ramnit | 3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85 | Triage

Submit
Reports

Overview

overview

Static

static

3

3ee3bcbf7e...5N.dll

windows7-x64

3ee3bcbf7e...5N.dll

windows10-2004-x64

Sharing

General

Target

3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85N.exe
Size

232KB
Sample

250125-g68w2szmgt
MD5

603c12eb6909e804930f7b874e533a30
SHA1

1b82914c166e697cce18a18b27a68604fd829487
SHA256

3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85
SHA512

a20ecb914c1e3dacb50cac5e1745b6269308229bc099b933734d2faa1ce7ce582d643640b0c4801d82ebc3ef18e6e9972a6c44ac9153f98b63f3b59e2874566d
SSDEEP

3072:h+aJd9iRyxPqPYk4K2+QOtvhgWtx50GB/oMpl8aXYQ+cIPKc+4:gaGyxPqgk4V/OJ30G59pl82O9p

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85N.dll

Resource

win7-20241010-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85N.dll

Resource

win10v2004-20241007-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85N.exe
- Size
  
  232KB
- MD5
  
  603c12eb6909e804930f7b874e533a30
- SHA1
  
  1b82914c166e697cce18a18b27a68604fd829487
- SHA256
  
  3ee3bcbf7ef16ed2744a7586347e1122fb90f1dda97ca3e06e45c32c9f410c85
- SHA512
  
  a20ecb914c1e3dacb50cac5e1745b6269308229bc099b933734d2faa1ce7ce582d643640b0c4801d82ebc3ef18e6e9972a6c44ac9153f98b63f3b59e2874566d
- SSDEEP
  
  3072:h+aJd9iRyxPqPYk4K2+QOtvhgWtx50GB/oMpl8aXYQ+cIPKc+4:gaGyxPqgk4V/OJ30G59pl82O9p
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy