Overview

overview

10

Static

static

454457e0c5...b5.dll

windows7_x64

10

454457e0c5...b5.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    454457e0c541912a27e549c19a518a7669da57039a8d34e99411618e310bd1b5

  • Size

    496KB

  • Sample

    220707-tw6p6achd3

  • MD5

    74552aa7084368c230516c656da8ac78

  • SHA1

    ef2989cc79787a5e1ef55b58eb170be902aab084

  • SHA256

    454457e0c541912a27e549c19a518a7669da57039a8d34e99411618e310bd1b5

  • SHA512

    acd324c8c8ffcd1c084dba58b19699975f9102fb4abd40917ee9714802c29d32f4d1e95deb7b3e88a651ad0b79dadba64bb7269f6c0bb475e2a5d3d97d970bcf

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      454457e0c541912a27e549c19a518a7669da57039a8d34e99411618e310bd1b5

    • Size

      496KB

    • MD5

      74552aa7084368c230516c656da8ac78

    • SHA1

      ef2989cc79787a5e1ef55b58eb170be902aab084

    • SHA256

      454457e0c541912a27e549c19a518a7669da57039a8d34e99411618e310bd1b5

    • SHA512

      acd324c8c8ffcd1c084dba58b19699975f9102fb4abd40917ee9714802c29d32f4d1e95deb7b3e88a651ad0b79dadba64bb7269f6c0bb475e2a5d3d97d970bcf

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks