General

  • Target: b5c6c407900323c075b22bcf983d851b718aa57146a8bca08b02bb6cdbcd3935
  • Size: 2.4MB
  • Sample: 210508-kqtfwlcvaa
  • MD5: d14ab4192771b0eb817a7efd4791a141
  • SHA1: 921a80ddaa048c07e26c90c9ee72930bdcd9985d
  • SHA256: b5c6c407900323c075b22bcf983d851b718aa57146a8bca08b02bb6cdbcd3935
  • SHA512: 96a5f6475fd5de9d0740972553ac45255888f744895e3628afa553b444dc5c51c18e72c3dbfa3488ac2d62274f8d171a3b6abe4d72246410831bc0551793a1f1

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic            Technique                      Count  ID
  Defense Evasion   Modify Registry                1      T1112
  Discovery         Query Registry                 1      T1012
  Discovery         System Information Discovery   1      T1082
