Overview

overview

10

Static

static

9138d68948...4b.dll

windows7_x64

10

9138d68948...4b.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9138d6894835cba858eef7220705b5a54b5aa467fc8f931d8a2d26cc1279604b

  • Size

    1.1MB

  • Sample

    210515-v39m7lpdg6

  • MD5

    fd77b649a073f7ae918c648fbb662287

  • SHA1

    584e144d661c571c15845a76b4cca0dadcb10761

  • SHA256

    9138d6894835cba858eef7220705b5a54b5aa467fc8f931d8a2d26cc1279604b

  • SHA512

    249806a99439d7228737085b625c67329a0861fa37786d7d0f9617ea587c5a09f05ba4e6e47f2223dae1456e5a912223fff460ec3ce4495545c30894c5c01003

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      9138d6894835cba858eef7220705b5a54b5aa467fc8f931d8a2d26cc1279604b

    • Size

      1.1MB

    • MD5

      fd77b649a073f7ae918c648fbb662287

    • SHA1

      584e144d661c571c15845a76b4cca0dadcb10761

    • SHA256

      9138d6894835cba858eef7220705b5a54b5aa467fc8f931d8a2d26cc1279604b

    • SHA512

      249806a99439d7228737085b625c67329a0861fa37786d7d0f9617ea587c5a09f05ba4e6e47f2223dae1456e5a912223fff460ec3ce4495545c30894c5c01003

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks