Overview

overview

10

Static

static

14a5e40261...7d.exe

windows7_x64

10

14a5e40261...7d.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14a5e402611dd8b1884517941b06e849430d2df8541ae9673a293ac728e6c77d

  • Size

    140KB

  • Sample

    210515-xfr1f68bte

  • MD5

    1906d4c3eae5c25542d7e933204d040a

  • SHA1

    95082d19994977c3bb79111e0c8f14826ef38636

  • SHA256

    14a5e402611dd8b1884517941b06e849430d2df8541ae9673a293ac728e6c77d

  • SHA512

    6ae34d46a11102a0f73f4a58cdcadecfa9e4bb8c2f7b16541c2a8de845998afe6892b423dbba8a6467db2bb7407f6d064f4d991c3325e603b6e6cb915e562f84

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      14a5e402611dd8b1884517941b06e849430d2df8541ae9673a293ac728e6c77d

    • Size

      140KB

    • MD5

      1906d4c3eae5c25542d7e933204d040a

    • SHA1

      95082d19994977c3bb79111e0c8f14826ef38636

    • SHA256

      14a5e402611dd8b1884517941b06e849430d2df8541ae9673a293ac728e6c77d

    • SHA512

      6ae34d46a11102a0f73f4a58cdcadecfa9e4bb8c2f7b16541c2a8de845998afe6892b423dbba8a6467db2bb7407f6d064f4d991c3325e603b6e6cb915e562f84

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks