Overview

overview

10

Static

static

3cabd6b4ed...e3.exe

windows7_x64

10

3cabd6b4ed...e3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3

  • Size

    469KB

  • Sample

    220703-gd9ymshahn

  • MD5

    709802f0cfb676e53115189b5cd91cfc

  • SHA1

    97027efdd9473b5f431179bc9b7ced86126cc625

  • SHA256

    3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3

  • SHA512

    2e7fd447ecfdb6bb53dce4e7d560881ecfbe036b5dd2c20414fb76c792653ca40a2b9774cc40ee074d3a4c0a340521bf120a93d174c3c69ce2fb562412ba951e

Score
10/10
ramnitbankerevasionspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3

    • Size

      469KB

    • MD5

      709802f0cfb676e53115189b5cd91cfc

    • SHA1

      97027efdd9473b5f431179bc9b7ced86126cc625

    • SHA256

      3cabd6b4edbffa940ed1080ab93015ed89a5d1ab228e5008677de63dbd2fbbe3

    • SHA512

      2e7fd447ecfdb6bb53dce4e7d560881ecfbe036b5dd2c20414fb76c792653ca40a2b9774cc40ee074d3a4c0a340521bf120a93d174c3c69ce2fb562412ba951e

    Score
    10/10
    ramnitbankerspywarestealertrojanupxwormevasion

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Program crash

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks