Overview

overview

10

Static

static

1

c197ea0e72...42.exe

windows7-x64

10

c197ea0e72...42.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c197ea0e72bd610ba87d781a9e0abd94607d653db7012a7852e1f26802b55f42

  • Size

    2.1MB

  • Sample

    221128-ymeyasce78

  • MD5

    f964a7f2083fe822cf97784e6e46ca21

  • SHA1

    4625840cd2a6053576c66fda86a6fe3a0672853d

  • SHA256

    c197ea0e72bd610ba87d781a9e0abd94607d653db7012a7852e1f26802b55f42

  • SHA512

    aeba4d1eb2113296142c3ae52e0f11b457316c519101d9b778435423c5e07a919e20fea17953990aaaa482da04cc644a9d21971c1383e3b9fadc44e2c04efc74

  • SSDEEP

    49152:WAyfyD2phLtaAGcoaNKIayOzRkG+A76/Fo8ZhJGDI:2DLQA8AONkG+AOdVjJQI

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      c197ea0e72bd610ba87d781a9e0abd94607d653db7012a7852e1f26802b55f42

    • Size

      2.1MB

    • MD5

      f964a7f2083fe822cf97784e6e46ca21

    • SHA1

      4625840cd2a6053576c66fda86a6fe3a0672853d

    • SHA256

      c197ea0e72bd610ba87d781a9e0abd94607d653db7012a7852e1f26802b55f42

    • SHA512

      aeba4d1eb2113296142c3ae52e0f11b457316c519101d9b778435423c5e07a919e20fea17953990aaaa482da04cc644a9d21971c1383e3b9fadc44e2c04efc74

    • SSDEEP

      49152:WAyfyD2phLtaAGcoaNKIayOzRkG+A76/Fo8ZhJGDI:2DLQA8AONkG+AOdVjJQI

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks