General

  • Target

    59bd4cb74f42201a106ee56fcd396c0745ca1e67a91c7910858a592ec2348095

  • Size

    123KB

  • Sample

    221029-az85xaedbm

  • MD5

    0060bacecd724271979e39a875160390

  • SHA1

    786f4cc8ef9c834e6df320f798ae23d491f53cb6

  • SHA256

    59bd4cb74f42201a106ee56fcd396c0745ca1e67a91c7910858a592ec2348095

  • SHA512

    bafa131b9b24b76fafc0d8e10c6e70afd70e6257254abdb5c28d3634e10e3089f12b70293654fef17c2c96fba7f081e8828dbd20f7b3e79127440b1f76c80071

  • SSDEEP

    768:F06R0UtgnKqGR7//GPc0LOBhvBrHks3IiyhDYQbGmxlNaM+WGa1wuxnzgOYw9ICW:zR0Zn3Pc0LCH9MtbvabUDzJYWu3B

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks