Overview

overview

10

Static

static

01aa2e7804...18.dll

windows7-x64

10

01aa2e7804...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01aa2e7804c6e6ffec4a9737de1ff03b4bf75f02353fb96e504ec77d2cdb8518

  • Size

    218KB

  • Sample

    221127-yd923sdd47

  • MD5

    f5c18ff302b62698708343c4a33764a8

  • SHA1

    7423539a002307adf14b003139e8a82cf5b43704

  • SHA256

    01aa2e7804c6e6ffec4a9737de1ff03b4bf75f02353fb96e504ec77d2cdb8518

  • SHA512

    548066354914d8762ae715c11ff571b4418e10b578d31fd5a46a2d8d95591a6924781e066455c7f1a53d6518a6321a69c038765e2a19e6b7f4b085c886c0f671

  • SSDEEP

    6144:3TXGjSNGr9fvoAIIitPT1qROITh3qxMaS:3bGjsGZfgAIIitgTVOS

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      01aa2e7804c6e6ffec4a9737de1ff03b4bf75f02353fb96e504ec77d2cdb8518

    • Size

      218KB

    • MD5

      f5c18ff302b62698708343c4a33764a8

    • SHA1

      7423539a002307adf14b003139e8a82cf5b43704

    • SHA256

      01aa2e7804c6e6ffec4a9737de1ff03b4bf75f02353fb96e504ec77d2cdb8518

    • SHA512

      548066354914d8762ae715c11ff571b4418e10b578d31fd5a46a2d8d95591a6924781e066455c7f1a53d6518a6321a69c038765e2a19e6b7f4b085c886c0f671

    • SSDEEP

      6144:3TXGjSNGr9fvoAIIitPT1qROITh3qxMaS:3bGjsGZfgAIIitgTVOS

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks