ramnit | e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

e408c8dd65...35.dll

windows7-x64

e408c8dd65...35.dll

windows10-2004-x64

Sharing

General

Target

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
Size

96KB
Sample

250323-12l19s1py3
MD5

799ce61626cffcac92f8db6c52a74bd3
SHA1

3f2e8e0a730a8cbbf27618d6a0068d6ebc54aaef
SHA256

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
SHA512

a888c4c24b2363a1f4705242ffb291ebdb701af51b7652c175480ec794aaf8b5a2ea22e1baeebe4e8bf4679ef3d17c23be6aedd4c542108a0803101df6baaec8
SSDEEP

1536:zC/TB2UeZVfNjkkvVDslApxXUWqcNQyxLWpSAjZRJuV:mQX3fNjbpslsUWqeQfp7jr

Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835.dll

Resource

win7-20240903-en

ramnit banker discovery spyware stealer trojan upx worm

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835.dll

Resource

win10v2004-20250314-en

ramnit banker discovery spyware stealer trojan upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
- Size
  
  96KB
- MD5
  
  799ce61626cffcac92f8db6c52a74bd3
- SHA1
  
  3f2e8e0a730a8cbbf27618d6a0068d6ebc54aaef
- SHA256
  
  e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
- SHA512
  
  a888c4c24b2363a1f4705242ffb291ebdb701af51b7652c175480ec794aaf8b5a2ea22e1baeebe4e8bf4679ef3d17c23be6aedd4c542108a0803101df6baaec8
- SSDEEP
  
  1536:zC/TB2UeZVfNjkkvVDslApxXUWqcNQyxLWpSAjZRJuV:mQX3fNjbpslsUWqeQfp7jr
Score

10^/10

ramnit banker discovery spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Ramnit family
  ramnit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ramnitbankerdiscoveryspywarestealertrojanupxworm

behavioral2

ramnitbankerdiscoveryspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy