General
-
Target
84186ebea917bee4d854ff5a1f97356ab7c3a2c9c10ec9305fc476828b2b2ab8
-
Size
232KB
-
Sample
221127-shvv3aff77
-
MD5
6c1eb9f505b2248d9d18605d9a51357a
-
SHA1
900a4cfe526e4cf4f6df18ff188fe9268a01d33d
-
SHA256
84186ebea917bee4d854ff5a1f97356ab7c3a2c9c10ec9305fc476828b2b2ab8
-
SHA512
a7910b93a1e133a9c14aadd4fda30298e3d320f539753b391307a3d15a4952e64018a20323432068a92b19059175e367c4f0be1d3eafbfd2f6e331f66b7b3597
-
SSDEEP
3072:MJ0A2KvUXh9O5P908zsStvqeSwCKx83lUICxsqcAeNQbOwG/Ij4ATd3:A0A2auu10usSJbuKxAlicbNI344
Malware Config
Targets
-
-
Target
84186ebea917bee4d854ff5a1f97356ab7c3a2c9c10ec9305fc476828b2b2ab8
-
Size
232KB
-
MD5
6c1eb9f505b2248d9d18605d9a51357a
-
SHA1
900a4cfe526e4cf4f6df18ff188fe9268a01d33d
-
SHA256
84186ebea917bee4d854ff5a1f97356ab7c3a2c9c10ec9305fc476828b2b2ab8
-
SHA512
a7910b93a1e133a9c14aadd4fda30298e3d320f539753b391307a3d15a4952e64018a20323432068a92b19059175e367c4f0be1d3eafbfd2f6e331f66b7b3597
-
SSDEEP
3072:MJ0A2KvUXh9O5P908zsStvqeSwCKx83lUICxsqcAeNQbOwG/Ij4ATd3:A0A2auu10usSJbuKxAlicbNI344
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-