General

  • Target: 068a77415bcdb732b1b5f9578c35a9363c3d58c336710a14d048961929fbc19b
  • Size: 152KB
  • Sample: 221128-yls4jace27
  • MD5: aeee83311a512ec9cf9b75f275393f71
  • SHA1: f352dc141d7fa94f03dc2e91e61e7b504e48d7a6
  • SHA256: 068a77415bcdb732b1b5f9578c35a9363c3d58c336710a14d048961929fbc19b
  • SHA512: d20a925c7ab62758ea3f33ee5f470fbccd055cf076f1b38ea6716ebbe26192ff14155fa9b783eb4de5e6829d67215e6c460b88b8df096eca2ba874530f376e27
  • SSDEEP: 3072:a4GYFgcGF5CAZjl/KRdG0hqwLx/igQXEkG+jHpP46LyvjpLi:ahYmCAZxKRdGk/AEkG2N3Y9Li

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Winlogon Helper DLL (T1004): 1
  • Modify Existing Service (T1031): 2
  • Registry Run Keys / Startup Folder (T1060): 1

Privilege Escalation

  • Bypass User Account Control (T1088): 1

Defense Evasion

  • Modify Registry (T1112): 9
  • Bypass User Account Control (T1088): 1
  • Disabling Security Tools (T1089): 3

Discovery

  • Query Registry (T1012): 1
  • System Information Discovery (T1082): 3

Tasks