Overview

overview

10

Static

static

72393244cb...a1.dll

windows7-x64

10

72393244cb...a1.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72393244cb32184e148cf35a94e2ea9e156fdaa488009cbbf216970753b397a1

  • Size

    180KB

  • Sample

    221204-cnpcgacf2w

  • MD5

    225932767bebf94e782c52f03b153600

  • SHA1

    019f92269cc0498295475b4001668989338ea6ca

  • SHA256

    72393244cb32184e148cf35a94e2ea9e156fdaa488009cbbf216970753b397a1

  • SHA512

    277d4ef9d975bd1a7ea38f13b0e913eb7cf88c011723b86090a6e9157169bb0c968a670081d8cd8e45bb016907d781406fba952a50c260a65cf30e9a260a8518

  • SSDEEP

    3072:un4cV8gf2u41Z5tKlz6cVBmmO/WE+5H9XcpS1XpZxkwIAR:84y8gOl25VBmmOuX5dlMN

Score
10/10
ramnitbankerpersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      72393244cb32184e148cf35a94e2ea9e156fdaa488009cbbf216970753b397a1

    • Size

      180KB

    • MD5

      225932767bebf94e782c52f03b153600

    • SHA1

      019f92269cc0498295475b4001668989338ea6ca

    • SHA256

      72393244cb32184e148cf35a94e2ea9e156fdaa488009cbbf216970753b397a1

    • SHA512

      277d4ef9d975bd1a7ea38f13b0e913eb7cf88c011723b86090a6e9157169bb0c968a670081d8cd8e45bb016907d781406fba952a50c260a65cf30e9a260a8518

    • SSDEEP

      3072:un4cV8gf2u41Z5tKlz6cVBmmO/WE+5H9XcpS1XpZxkwIAR:84y8gOl25VBmmOuX5dlMN

    Score
    10/10
    ramnitbankerpersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks