Overview

overview

10

Static

static

1281f7fffd...20.dll

windows7-x64

10

1281f7fffd...20.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1281f7fffd63f60b1f87c13d81d0af5f8a4133005e9a319a21478f71be9d8b20

  • Size

    817KB

  • Sample

    221030-wgjcesdfcq

  • MD5

    8300cb5608b418931cb8b815761b824f

  • SHA1

    7f9e29a3033bc8482fe50671e143275cf48c7b5a

  • SHA256

    1281f7fffd63f60b1f87c13d81d0af5f8a4133005e9a319a21478f71be9d8b20

  • SHA512

    5b0ab8fd3b73b3086564843d7ec5e55a956a058c8c1df076aba79ec823a8120b8d26f9513cdc3f55122375c40cb85e69ae47e1b55d0a854831512480ac967b41

  • SSDEEP

    24576:mbEPDddPu015nWvNvBrvZtPD8VXMeBAGb:eqDddPV1+5bPb8tMk

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      1281f7fffd63f60b1f87c13d81d0af5f8a4133005e9a319a21478f71be9d8b20

    • Size

      817KB

    • MD5

      8300cb5608b418931cb8b815761b824f

    • SHA1

      7f9e29a3033bc8482fe50671e143275cf48c7b5a

    • SHA256

      1281f7fffd63f60b1f87c13d81d0af5f8a4133005e9a319a21478f71be9d8b20

    • SHA512

      5b0ab8fd3b73b3086564843d7ec5e55a956a058c8c1df076aba79ec823a8120b8d26f9513cdc3f55122375c40cb85e69ae47e1b55d0a854831512480ac967b41

    • SSDEEP

      24576:mbEPDddPu015nWvNvBrvZtPD8VXMeBAGb:eqDddPV1+5bPb8tMk

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks