Overview

overview

10

Static

static

7c677d474e...7e.exe

windows7-x64

10

7c677d474e...7e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7c677d474e848032460b3928bc3421a3a502ecbe49245a66be33fed9ac5fbf7e

  • Size

    103KB

  • Sample

    221029-eqexxsbdhk

  • MD5

    5dd9e47c20c4ab4f9bcf97fdac6092ae

  • SHA1

    171cebaf06b2c8a198ec5084c347b97d690b021f

  • SHA256

    7c677d474e848032460b3928bc3421a3a502ecbe49245a66be33fed9ac5fbf7e

  • SHA512

    076459a471715e75cc7112e733b383dd2d46be9f48bdce088051161f07eaa45919bc28936908506c43bdd45a2ba56886ee420784c2c4766dc57abd8bc7909454

  • SSDEEP

    1536:Ocm1t4MluQqXc4vdcHcpTJioZJcUOzyKhcxVXJ4yqEpOEY4ExsKpkpYnCLt:5s4vy4T1uX1QTNExsGCjJ

Score
10/10
ramnitbankerevasionpersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      7c677d474e848032460b3928bc3421a3a502ecbe49245a66be33fed9ac5fbf7e

    • Size

      103KB

    • MD5

      5dd9e47c20c4ab4f9bcf97fdac6092ae

    • SHA1

      171cebaf06b2c8a198ec5084c347b97d690b021f

    • SHA256

      7c677d474e848032460b3928bc3421a3a502ecbe49245a66be33fed9ac5fbf7e

    • SHA512

      076459a471715e75cc7112e733b383dd2d46be9f48bdce088051161f07eaa45919bc28936908506c43bdd45a2ba56886ee420784c2c4766dc57abd8bc7909454

    • SSDEEP

      1536:Ocm1t4MluQqXc4vdcHcpTJioZJcUOzyKhcxVXJ4yqEpOEY4ExsKpkpYnCLt:5s4vy4T1uX1QTNExsGCjJ

    Score
    10/10
    ramnitbankerevasionpersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • UAC bypass

      evasiontrojan

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks