General
-
Target
f5c09ed0703b3d8d3d72c7b0bb812be89a532d5b0e6b901f766cc9b3d656fb66
-
Size
224KB
-
Sample
221123-xn5pnsff22
-
MD5
2789b7c7e26a77a55a442b318dd4e9ff
-
SHA1
50a1991c969c5c7670df9f38c3aba38f0f5c46a2
-
SHA256
f5c09ed0703b3d8d3d72c7b0bb812be89a532d5b0e6b901f766cc9b3d656fb66
-
SHA512
aafe723b242446de7efaaac247dc67b104a3dd8844ee74297eb69c544414249c14b84692f03f229acfb20c1bd0dbda7b31e32dc59ee86cf6bb719d699f2aa87d
-
SSDEEP
3072:wh0xWbpiLItpMGuFD9lTc3hcoeSwItEL+0PhnL:whjpi8tGftLxItELD
Malware Config
Targets
-
-
Target
f5c09ed0703b3d8d3d72c7b0bb812be89a532d5b0e6b901f766cc9b3d656fb66
-
Size
224KB
-
MD5
2789b7c7e26a77a55a442b318dd4e9ff
-
SHA1
50a1991c969c5c7670df9f38c3aba38f0f5c46a2
-
SHA256
f5c09ed0703b3d8d3d72c7b0bb812be89a532d5b0e6b901f766cc9b3d656fb66
-
SHA512
aafe723b242446de7efaaac247dc67b104a3dd8844ee74297eb69c544414249c14b84692f03f229acfb20c1bd0dbda7b31e32dc59ee86cf6bb719d699f2aa87d
-
SSDEEP
3072:wh0xWbpiLItpMGuFD9lTc3hcoeSwItEL+0PhnL:whjpi8tGftLxItELD
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops file in System32 directory
-