General

  • Target

    a5831f2e307dba46623148d2b099485cf74e983626009b341848b124d7720e58

  • Size

    160KB

  • Sample

    210505-rnld7zsk9e

  • MD5

    c3523cb36e33bcfb4bbf5644eff8dc00

  • SHA1

    a8b662ffd48a31ef44b2f7f4ca8802b04b611abd

  • SHA256

    a5831f2e307dba46623148d2b099485cf74e983626009b341848b124d7720e58

  • SHA512

    2d26a9ded78a9d4662e35da658adc1cf48fb4c0f0addbb0f409ceec24ec9542b1f35a3d96e29281f039e286e578c6fc77f6703e99e661393473475eb1d943545

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family whose members include viruses, worms, and Trojans.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

Tasks