Overview

overview

10

Static

static

7c1b46b7c5...d8.exe

windows7-x64

10

7c1b46b7c5...d8.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    7c1b46b7c5230e34c8d2c77c609432e7fb5b01a308626d9bda6cd4d05e0b26d8

  • Size

    144KB

  • Sample

    221128-cxw4nsgg54

  • MD5

    b26977d6ca8ee4713abb31030832b62b

  • SHA1

    7bf477dcbf4cd62bbc0d943a1e9e51d4b286333d

  • SHA256

    7c1b46b7c5230e34c8d2c77c609432e7fb5b01a308626d9bda6cd4d05e0b26d8

  • SHA512

    9b3fdaf8f1e58874b48754a534ae7f5c4c87a3020ed8662c75072b99ad29fc0f712b38d8f92c31ab7c490c951f8339126fdd1a471be3a954a54b61ffa23306a7

  • SSDEEP

    3072:5pg77KVgYvMskYtfxjGt6htii/pY8Y619lqlw0GY8cUvD:5pg7tYvMsk8ZA62i/e89lGw0GY8Br

Score
10/10
ramnitbankerpersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      7c1b46b7c5230e34c8d2c77c609432e7fb5b01a308626d9bda6cd4d05e0b26d8

    • Size

      144KB

    • MD5

      b26977d6ca8ee4713abb31030832b62b

    • SHA1

      7bf477dcbf4cd62bbc0d943a1e9e51d4b286333d

    • SHA256

      7c1b46b7c5230e34c8d2c77c609432e7fb5b01a308626d9bda6cd4d05e0b26d8

    • SHA512

      9b3fdaf8f1e58874b48754a534ae7f5c4c87a3020ed8662c75072b99ad29fc0f712b38d8f92c31ab7c490c951f8339126fdd1a471be3a954a54b61ffa23306a7

    • SSDEEP

      3072:5pg77KVgYvMskYtfxjGt6htii/pY8Y619lqlw0GY8cUvD:5pg7tYvMsk8ZA62i/e89lGw0GY8Br

    Score
    10/10
    ramnitbankerpersistencespywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks