Extracted

• • Target

    2025-02-27_97b5211be2a493d35ed933b4b89bc1d5_icedid_ramnit

  • Size

    384KB

  • MD5

    97b5211be2a493d35ed933b4b89bc1d5

  • SHA1

    1caedc79c8857c16c3c50a526eb349a5c6176a28

  • SHA256

    fb63673ed7f692b0d3610a2629a26e598ec916440a32149ac0aeffb7c25305fc

  • SHA512

    847a584e2818e2819f2896b81501e680ff2a58bd96160e5e9a58e94bfa4d39e9908a3d33c1b1fd20490e3f37e35870b4d7460d68cefcf8cac3a6db99ba78d6aa

  • SSDEEP

    6144:sF3MtP2xXEeeWFEuC3h93Fx8u2qEuIE2T9Iyo/Q0VNhveGbfUTpYDDmu/+3fbT:svxaUCh93FxmuIE2Vo/tWG+pG/YT

  Score

  10^/10

  emotetramnitepoch1bankerdiscoveryspywarestealertrojanupxworm

  • Emotet

    Emotet is a trojan that is primarily spread through spam emails.

    trojanbankeremotet

  • Emotet family

    emotet

  • Ramnit

    Ramnit is a versatile family that holds viruses, worms, and Trojans.

    trojanspywarestealerwormbankerramnit

  • Ramnit family

    ramnit

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2