General
-
Target
b49d15a32d474df3888da6663c70a4adc598222429ab2041c91e59e5d675ae34
-
Size
128KB
-
Sample
221123-te4jgagh9y
-
MD5
42e09c9b0082be6da68c40981853d780
-
SHA1
3c5de68a29e61d47ebb77d6309fd5939e0604bdb
-
SHA256
b49d15a32d474df3888da6663c70a4adc598222429ab2041c91e59e5d675ae34
-
SHA512
94a4d77d8182f3fcde97cc9e8a9b090d430147711448bdd1f022b58e62dc23ac840c4fc0e38191155460f4c882de51124dabe85cb48c18d007a6eec3c6ec8199
-
SSDEEP
3072:4NEqkap78Etee0O9jQoJMoNEJuAhf8up:CEqkE4HNORVJnNEthfXp
Malware Config
Targets
-
-
Target
b49d15a32d474df3888da6663c70a4adc598222429ab2041c91e59e5d675ae34
-
Size
128KB
-
MD5
42e09c9b0082be6da68c40981853d780
-
SHA1
3c5de68a29e61d47ebb77d6309fd5939e0604bdb
-
SHA256
b49d15a32d474df3888da6663c70a4adc598222429ab2041c91e59e5d675ae34
-
SHA512
94a4d77d8182f3fcde97cc9e8a9b090d430147711448bdd1f022b58e62dc23ac840c4fc0e38191155460f4c882de51124dabe85cb48c18d007a6eec3c6ec8199
-
SSDEEP
3072:4NEqkap78Etee0O9jQoJMoNEJuAhf8up:CEqkE4HNORVJnNEthfXp
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops file in System32 directory
-