Overview

overview

10

Static

static

9a67ca9394...13.dll

windows7-x64

10

9a67ca9394...13.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9a67ca9394f49740940434eb6aec56e8d95e46fcba069b7a31266adb1ce6ec13

  • Size

    408KB

  • Sample

    221106-zpjvpsbdc5

  • MD5

    046e1550e3b43207ce668c406161164d

  • SHA1

    8b457ddda0da97f117a5ad55f76e8fa312e92e0c

  • SHA256

    9a67ca9394f49740940434eb6aec56e8d95e46fcba069b7a31266adb1ce6ec13

  • SHA512

    30c69ac88fd7baaa1ff7e6281b4960e01aef1de8d9915e607d0c03ec9bc5e2f038b7f9d115c50a02f4101202d0e9a14fbe3043038025476c31f79a67686608fa

  • SSDEEP

    12288:Loz83OtIEzW+/m/AyF7bCrO/E0McMxwFB:YbIEzW+/m/rF7kcRNXr

Score
10/10
ramnitbankerpersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      9a67ca9394f49740940434eb6aec56e8d95e46fcba069b7a31266adb1ce6ec13

    • Size

      408KB

    • MD5

      046e1550e3b43207ce668c406161164d

    • SHA1

      8b457ddda0da97f117a5ad55f76e8fa312e92e0c

    • SHA256

      9a67ca9394f49740940434eb6aec56e8d95e46fcba069b7a31266adb1ce6ec13

    • SHA512

      30c69ac88fd7baaa1ff7e6281b4960e01aef1de8d9915e607d0c03ec9bc5e2f038b7f9d115c50a02f4101202d0e9a14fbe3043038025476c31f79a67686608fa

    • SSDEEP

      12288:Loz83OtIEzW+/m/AyF7bCrO/E0McMxwFB:YbIEzW+/m/rF7kcRNXr

    Score
    10/10
    ramnitbankerpersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks