Description
Ramnit is a versatile family that holds viruses, worms, and Trojans.
c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
General
Target
Size
Sample
c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
1MB
220520-raenfafca6
Score
10 /10
MD5
SHA1
SHA256
SHA512
fda68efd40295fd40a620060a8fc9e72
f77ed41fc1de0bd5ca99bdd5eefe98894be5ab01
c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
7dd384dc749025aa15c9a9e81db69ac46c1ae42cedc781849342433961187a366fbaaa7de36c413bc37168645337011e84d568c88d856527a8fd2bf66dcde527
Malware Config
Targets
Target
MD5
Filesize
c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
fda68efd40295fd40a620060a8fc9e72
1MB
Score
10/10
SHA1
SHA256
SHA512
f77ed41fc1de0bd5ca99bdd5eefe98894be5ab01
c107d5d3baa13dfdd1e91ee9aafc8583e0b1f7c86e721132fb37724625717049
7dd384dc749025aa15c9a9e81db69ac46c1ae42cedc781849342433961187a366fbaaa7de36c413bc37168645337011e84d568c88d856527a8fd2bf66dcde527
Tags
Signatures
-
Ramnit
-
Executes dropped EXE
-
UPX packed file
Description
Detects executables packed with UPX/modified UPX open source packer.
Tags
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Description
Bootkits write to the MBR to gain persistence at a level below the operating system.
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks