Win32/Ramnit [Threat Name] go to Threat

Win32/Ramnit.O [Threat Variant Name]

Category virus
Size 137728 B
Aliases Win32.Rmnet.16 (Dr.Web)
  Win32:RamnitPlugin-A (Avast)
Short description

The virus serves as a backdoor. It can be controlled remotely. The virus is usually a part of other malware. The file is run-time compressed using UPX .


The virus does not create any copies of itself.

The virus is a malicious Win32/Ramnit extension/plugin.

Other information

The virus acquires data and commands from a remote computer or the Internet.

It can execute the following operations:

  • open a specific URL address
  • visit a specific website
  • simulate user's input (clicks, taps)
  • download files from a remote computer and/or the Internet
  • run executable files
  • send requested files
  • send the list of running processes to a remote computer
  • send the list of files on a specific drive to a remote computer
  • terminate running processes
  • create folders
  • delete folders

Please enable Javascript to ensure correct displaying of this content and refresh this page.