Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-02 11:27:20 UTC
Home > List all groups > List all tools > List all groups using tool Ramnit
 Tool: Ramnit
Names
Ramnit
Nimnul
Category Malware
Type Banking trojan, Credential stealer, Info stealer, Exfiltration
Description
(Cybereason) The Ramnit Trojan is a type of malware able to exfiltrate sensitive data.
This kind of data can include anything ranging from banking credentials, FTP passwords,
session cookies, and personal data. Leaking this information can easily destroy user trust
in a business, and in the process lose customers and ruin reputations. Luckily, our
onboarding was timely, and was able to detect the trojan just as it was beginning to
exfiltrate information. Our customer used our remediation tool immediately to stop the
exfiltration in its tracks.
Information
Malpedia AlienVault OTX Last change to this tool card: 03 February 2022
Download this tool card in JSON format
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=662b809d-91d0-4190-b58d-b9080d2f70c3
Page 1 of 2

All groups using tool Ramnit
Changed Name Country Observed
Other groups
  TA554 [Unknown] 2017  
1 group listed (0 APT, 1 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=662b809d-91d0-4190-b58d-b9080d2f70c3
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=662b809d-91d0-4190-b58d-b9080d2f70c3
Page 2 of 2