Overview

overview

10

Static

static

1

2bb2e3b6ea...72.exe

windows7_x64

10

2bb2e3b6ea...72.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2bb2e3b6eae9a898f9686255c1c7a0bf6b17ccee7f422aee571179acb5f1b572

  • Size

    10.1MB

  • Sample

    220615-bm7xraebaj

  • MD5

    c4d1b9121ad973a18e928ac20882d4f9

  • SHA1

    002019e5c2436898d0647e08a1175d4debd6dcdb

  • SHA256

    2bb2e3b6eae9a898f9686255c1c7a0bf6b17ccee7f422aee571179acb5f1b572

  • SHA512

    fc8dc2c6d9536543c09d46e40cbf56772b7aa3c1aeb795fcd52aba8b154aab64f708ad65659bed3cf4faf065dbdf258e58c707f4b0341ea1aacd81383167e317

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      2bb2e3b6eae9a898f9686255c1c7a0bf6b17ccee7f422aee571179acb5f1b572

    • Size

      10.1MB

    • MD5

      c4d1b9121ad973a18e928ac20882d4f9

    • SHA1

      002019e5c2436898d0647e08a1175d4debd6dcdb

    • SHA256

      2bb2e3b6eae9a898f9686255c1c7a0bf6b17ccee7f422aee571179acb5f1b572

    • SHA512

      fc8dc2c6d9536543c09d46e40cbf56772b7aa3c1aeb795fcd52aba8b154aab64f708ad65659bed3cf4faf065dbdf258e58c707f4b0341ea1aacd81383167e317

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks