General
-
Target
3991a9685676eef9b917a8fd477036d1b4043dad13eb23ffc8c093ade0dcd443
-
Size
337KB
-
Sample
221106-z7adzscca5
-
MD5
081f29486e224db786f238f7801cdb10
-
SHA1
09a7580d1ed7a789a60f8138cbc19fe39af417fb
-
SHA256
3991a9685676eef9b917a8fd477036d1b4043dad13eb23ffc8c093ade0dcd443
-
SHA512
b9c2d85e95393044e02d9edd19c298e16e07417635bf081f2707c368077fdee8dcfea7c3b9742b3c00d7696b53884964954c5e52c609e5729fca7164898be27e
-
SSDEEP
3072:m6YhNaQupQSenqEPpyBUVIp0+SDfBGEPqeAl9+k3XZC+b+PIjxSsD4+CDBmSAvBr:m6uNaVmSQ7yBUVICUGqFb+2AtDASAO+D
Malware Config
Targets
-
-
Target
3991a9685676eef9b917a8fd477036d1b4043dad13eb23ffc8c093ade0dcd443
-
Size
337KB
-
MD5
081f29486e224db786f238f7801cdb10
-
SHA1
09a7580d1ed7a789a60f8138cbc19fe39af417fb
-
SHA256
3991a9685676eef9b917a8fd477036d1b4043dad13eb23ffc8c093ade0dcd443
-
SHA512
b9c2d85e95393044e02d9edd19c298e16e07417635bf081f2707c368077fdee8dcfea7c3b9742b3c00d7696b53884964954c5e52c609e5729fca7164898be27e
-
SSDEEP
3072:m6YhNaQupQSenqEPpyBUVIp0+SDfBGEPqeAl9+k3XZC+b+PIjxSsD4+CDBmSAvBr:m6uNaVmSQ7yBUVICUGqFb+2AtDASAO+D
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-