Overview

overview

10

Static

static

5de62c3c1c...cc.exe

windows7_x64

10

5de62c3c1c...cc.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5de62c3c1c41d06149b79ba86dfe8d50efc5dcef0b0850d3fdb85f0f0d20f3cc

  • Size

    542KB

  • Sample

    210515-3yf35m163x

  • MD5

    b4c74676450971f9f31274c662c00d5a

  • SHA1

    0a5e1c81f52723c054ac9d2c8f1a8dff5f4709ca

  • SHA256

    5de62c3c1c41d06149b79ba86dfe8d50efc5dcef0b0850d3fdb85f0f0d20f3cc

  • SHA512

    7571c7b29b6b8fdbd95a06460a6603153627fbeff82c45305e00ef24cc52edf9f09afbc4cc6f2110ad35896288108a8ad75455ee71d59a363b63a9f1f2aeb841

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      5de62c3c1c41d06149b79ba86dfe8d50efc5dcef0b0850d3fdb85f0f0d20f3cc

    • Size

      542KB

    • MD5

      b4c74676450971f9f31274c662c00d5a

    • SHA1

      0a5e1c81f52723c054ac9d2c8f1a8dff5f4709ca

    • SHA256

      5de62c3c1c41d06149b79ba86dfe8d50efc5dcef0b0850d3fdb85f0f0d20f3cc

    • SHA512

      7571c7b29b6b8fdbd95a06460a6603153627fbeff82c45305e00ef24cc52edf9f09afbc4cc6f2110ad35896288108a8ad75455ee71d59a363b63a9f1f2aeb841

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks