Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Dropper VBS

Trojan-Dropper.VBS.Ramnit.a

Update Date
12/23/2023

Class: Trojan-Dropper

Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers. This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.). Such programs are used by hackers to: secretly install Trojan programs and/or viruses protect known malicious programs from being detected by antivirus solutions; not all antivirus programs are capable of scanning all the components inside this type of Trojans.

Read more

Platform: VBS

Visual Basic Scripting Edition (VBScript) is a scripting language interpreted by Windows Script Host. VBScript is widely used to create scripts on Microsoft Windows operating systems.

Family: Ramnit

No family description

Examples

2B0838D784DCA932149E3A5C5E46251E
1A7CC97A8E461B96A0B70B062C4446C0
070E5B57D8730A27AA10340275F3EE46
0A0F7F09B3FFF6B593F663CA32FDBAFA
07754C4CF49C53A2C962020DB734C35C

Tactics and Techniques: Mitre*

TA0007
Discovery

An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


T1082
System Information Discovery

An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
18 February 2025
Securelist
StaryDobry ruins New Year’s Eve, delivering miner instead of presents
05 February 2025
Securelist
Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
05 February 2025
Securelist
Take my money: OCR crypto stealers in Google Play and App Store
31 January 2025
Securelist
One policy to rule them all
30 January 2025
Securelist
No need to RSVP: a closer look at the Tria stealer campaign
29 January 2025
Securelist
Threat predictions for industrial enterprises 2025
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.