Overview

overview

10

Static

static

8

0834cae347...ec.dll

windows7-x64

10

0834cae347...ec.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0834cae347fa49ec40179e4592896b086f113a1315c592a1b3271e46cec242ec

  • Size

    1.5MB

  • Sample

    221030-v8e9eadbhn

  • MD5

    8329cc74f273668faf0aa5c306f70de2

  • SHA1

    53f4198739ff10fadefb188b60d3b9ea1de9b271

  • SHA256

    0834cae347fa49ec40179e4592896b086f113a1315c592a1b3271e46cec242ec

  • SHA512

    11721cb1648ad5bb38705e3c48749d21f6a30ea55ceb832f4c4858ae9f75fbcf9421a7ebfabe85edcbba08dc386fdecd1bfd8aba4d435edeb868825a31178e38

  • SSDEEP

    49152:QNVE+2VQYCJ+tCgBnRaGYqLILN03x+5UtMbc:QbppYCJ+YgBnRJYqLIh03hv

Score
10/10
ramnitzloaderbankerbotnetspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      0834cae347fa49ec40179e4592896b086f113a1315c592a1b3271e46cec242ec

    • Size

      1.5MB

    • MD5

      8329cc74f273668faf0aa5c306f70de2

    • SHA1

      53f4198739ff10fadefb188b60d3b9ea1de9b271

    • SHA256

      0834cae347fa49ec40179e4592896b086f113a1315c592a1b3271e46cec242ec

    • SHA512

      11721cb1648ad5bb38705e3c48749d21f6a30ea55ceb832f4c4858ae9f75fbcf9421a7ebfabe85edcbba08dc386fdecd1bfd8aba4d435edeb868825a31178e38

    • SSDEEP

      49152:QNVE+2VQYCJ+tCgBnRaGYqLILN03x+5UtMbc:QbppYCJ+YgBnRJYqLIh03hv

    Score
    10/10
    ramnitzloaderbankerbotnetspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

      trojanbotnetzloader

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks