Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

91c4f52a6379aeeef8beefd996df74f978dea498c8baca0d088b652b09cdc142
Size

95KB
Sample

230129-2sfzbshe2w
MD5

8d1a8d53b8ae087a641c20e795414b59
SHA1

5ad682d89a9ec12ad2baa1dc803c45a8c462f8ce
SHA256

91c4f52a6379aeeef8beefd996df74f978dea498c8baca0d088b652b09cdc142
SHA512

20d1c3c76821bc1674ba90a2c124d2fa9b237e05c60eb57f02921e20fb4e402d0bc49515c5c17289ec7475633b3a4525ecd5f364a345d5c7b31afb1f5ef11cee
SSDEEP

1536:mjEDZ/5+uLEr4EU3xBWZCnJLCL8GV7BBk49bQVBspEzE:mQDFoSE0EQWZCnJLCL5Q

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Malware Config

Targets

- Target
  
  91c4f52a6379aeeef8beefd996df74f978dea498c8baca0d088b652b09cdc142
- Size
  
  95KB
- MD5
  
  8d1a8d53b8ae087a641c20e795414b59
- SHA1
  
  5ad682d89a9ec12ad2baa1dc803c45a8c462f8ce
- SHA256
  
  91c4f52a6379aeeef8beefd996df74f978dea498c8baca0d088b652b09cdc142
- SHA512
  
  20d1c3c76821bc1674ba90a2c124d2fa9b237e05c60eb57f02921e20fb4e402d0bc49515c5c17289ec7475633b3a4525ecd5f364a345d5c7b31afb1f5ef11cee
- SSDEEP
  
  1536:mjEDZ/5+uLEr4EU3xBWZCnJLCL8GV7BBk49bQVBspEzE:mQDFoSE0EQWZCnJLCL5Q
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm