ramnit | 98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b | Triage

Submit
Reports

Overview

overview

Static

static

3

98c4e27dd7...3b.exe

windows7-x64

98c4e27dd7...3b.exe

windows10-2004-x64

Sharing

General

Target

98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b
Size

1.4MB
Sample

240630-w3ew5avgrk
MD5

70cd455d964428878ffb0bca7502ac84
SHA1

5c900e0c88a31a3dd621ae9e026d3f6ce7e4a551
SHA256

98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b
SHA512

8ec39ca6600bc241de13b98175ef278325272c8ece6fdcbab0e65831f2ee642ab7c06c7635038839c5d69a65a382d1a3945913a33e448151eec219d580ff6056
SSDEEP

24576:S7SUWoDtOo8aUYoj1thwbNEHfndEGJMvw:S7z8hjrhqNWVEN

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b.exe

Resource

win7-20240508-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b.exe

Resource

win10v2004-20240508-en

ramnit banker spyware stealer trojan upx worm

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b
- Size
  
  1.4MB
- MD5
  
  70cd455d964428878ffb0bca7502ac84
- SHA1
  
  5c900e0c88a31a3dd621ae9e026d3f6ce7e4a551
- SHA256
  
  98c4e27dd7acf6454aeba5e72dabe3cc7bfa4756b9efbe4fed7cf276a7dfe63b
- SHA512
  
  8ec39ca6600bc241de13b98175ef278325272c8ece6fdcbab0e65831f2ee642ab7c06c7635038839c5d69a65a382d1a3945913a33e448151eec219d580ff6056
- SSDEEP
  
  24576:S7SUWoDtOo8aUYoj1thwbNEHfndEGJMvw:S7z8hjrhqNWVEN
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm

© 2018-2024

Terms | Privacy