Overview

overview

10

Static

static

b463a8daaf...9c.exe

windows7-x64

10

b463a8daaf...9c.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    22s
  • max time network
    17s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/11/2022, 13:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b463a8daafd9a2bb5b6d1d0e249cbe443abf28456b1841ddf11de9503b471d9c.exe

  • Size

    172KB

  • MD5

    683abded9b481c3ed9cf4d07a0ee9cd5

  • SHA1

    6f512c3d77074dd7d5bb4613527a22dcf907beac

  • SHA256

    b463a8daafd9a2bb5b6d1d0e249cbe443abf28456b1841ddf11de9503b471d9c

  • SHA512

    11ccfca3566d30c86d5d46df41a8ff1bf87481f70164aa83162366d79d97d1781e06a89d37507e1d23cdb1cd9c99290f17f300dbc32e409e9c8e23a5dadfe627

  • SSDEEP

    3072:qkVD1BSqao9c3HwsanTdgyOxsP+f+ETNE6PekHXo7ocPtzd4HozCo:DSqjc3HsTaxoqpm62k3UPH4QCo

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Signatures

  • Ramnit

    Ramnit is a versatile family that holds viruses, worms, and Trojans.

    trojanspywarestealerwormbankerramnit
  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of UnmapMainImage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b463a8daafd9a2bb5b6d1d0e249cbe443abf28456b1841ddf11de9503b471d9c.exe
    "C:\Users\Admin\AppData\Local\Temp\b463a8daafd9a2bb5b6d1d0e249cbe443abf28456b1841ddf11de9503b471d9c.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    PID:2504

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2504-132-0x0000000000400000-0x0000000000434000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2504-135-0x0000000000400000-0x0000000000425000-memory.dmp

          Filesize

          148KB

          Download

        • memory/2504-136-0x0000000000400000-0x0000000000425000-memory.dmp

          Filesize

          148KB

          Download

        • memory/2504-137-0x0000000000400000-0x0000000000434000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2504-138-0x0000000000400000-0x0000000000434000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2504-139-0x0000000000400000-0x0000000000434000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2504-140-0x0000000000400000-0x0000000000425000-memory.dmp

          Filesize

          148KB

          Download