ramnit | 53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c | Triage

Submit
Reports

Overview

overview

Static

static

3

53e1a328fb...cs.dll

windows7-x64

53e1a328fb...cs.dll

windows10-2004-x64

Sharing

General

Target

53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c_NeikiAnalytics.exe
Size

208KB
Sample

240629-dcz59sserr
MD5

39d1d9664b3bb7498b081ba7f52459e0
SHA1

43e931597688d4c345465ec19fa81f0139832ad2
SHA256

53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c
SHA512

85b149893d47058be3a4c086689ecc79725a236c33087a3e8ce6cee5f32bb6576bec68392401666941a443ba932a2f97639b819eb486ceb25660b84f76238bb0
SSDEEP

3072:uoUNFPWRUR6Juy+CAPsx5EAhgPKUFM1FS3eEu+p:LUSImNvD1dFzJG

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c_NeikiAnalytics.dll

Resource

win7-20240221-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c_NeikiAnalytics.dll

Resource

win10v2004-20240611-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c_NeikiAnalytics.exe
- Size
  
  208KB
- MD5
  
  39d1d9664b3bb7498b081ba7f52459e0
- SHA1
  
  43e931597688d4c345465ec19fa81f0139832ad2
- SHA256
  
  53e1a328fb3f65e9333680d30d858b662929c2e470867263b2fb529db3eabb6c
- SHA512
  
  85b149893d47058be3a4c086689ecc79725a236c33087a3e8ce6cee5f32bb6576bec68392401666941a443ba932a2f97639b819eb486ceb25660b84f76238bb0
- SSDEEP
  
  3072:uoUNFPWRUR6Juy+CAPsx5EAhgPKUFM1FS3eEu+p:LUSImNvD1dFzJG
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy