Overview

overview

10

Static

static

4da942f1e8...7a.dll

windows7-x64

10

4da942f1e8...7a.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4da942f1e8b45cf417c285a474ea689cd7531796b973d6273edfa0e9b79fe27a

  • Size

    184KB

  • Sample

    221021-al1llscfal

  • MD5

    70ea5dd14af2025f122cd87d990f57b0

  • SHA1

    74874ad0f3bf2c77e1eac1c8c582d3b36f29470a

  • SHA256

    4da942f1e8b45cf417c285a474ea689cd7531796b973d6273edfa0e9b79fe27a

  • SHA512

    a7d5719725a35b640f92fe8cd4803b1d4c6ebbb8307a779a5888805b5c2dc5c7397591deaf3c4abb8be1d34ac508d5599cceefe3083c2df38fec26e513b8c927

  • SSDEEP

    3072:KpaDS2heyIqSrjWY9lLh0hcohU3fh+vRa0gVAK+hpJ:KQvhefbmYjKvRa/5+hpJ

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      4da942f1e8b45cf417c285a474ea689cd7531796b973d6273edfa0e9b79fe27a

    • Size

      184KB

    • MD5

      70ea5dd14af2025f122cd87d990f57b0

    • SHA1

      74874ad0f3bf2c77e1eac1c8c582d3b36f29470a

    • SHA256

      4da942f1e8b45cf417c285a474ea689cd7531796b973d6273edfa0e9b79fe27a

    • SHA512

      a7d5719725a35b640f92fe8cd4803b1d4c6ebbb8307a779a5888805b5c2dc5c7397591deaf3c4abb8be1d34ac508d5599cceefe3083c2df38fec26e513b8c927

    • SSDEEP

      3072:KpaDS2heyIqSrjWY9lLh0hcohU3fh+vRa0gVAK+hpJ:KQvhefbmYjKvRa/5+hpJ

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks