Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

856ab46f5db4dd99658ff7a1991bc3646353d7a724e9363cf9cdd815cb3f4e96
Size

236KB
Sample

230129-3gdkhaaf6t
MD5

11dbf6a7d4cc6662ac4608d2cd025d40
SHA1

4927b37da827c60d657337da18897375deafdea1
SHA256

856ab46f5db4dd99658ff7a1991bc3646353d7a724e9363cf9cdd815cb3f4e96
SHA512

ca9c22733f667af8006e4139d71bd60775dd3ada7bd28e64622530423e70dc077e7cfcb92e1db087e5e662980d1ee0d3a0ae82b5cd8e31b61f9ffe386c70e080
SSDEEP

1536:eG73mNhJCulPXO+hh0nDQbWV52Z/M6Qjiyhg9vgLcpSdGlWnk8rj:eTRCWPXuqZEXiyhSLls

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Malware Config

Targets

- Target
  
  856ab46f5db4dd99658ff7a1991bc3646353d7a724e9363cf9cdd815cb3f4e96
- Size
  
  236KB
- MD5
  
  11dbf6a7d4cc6662ac4608d2cd025d40
- SHA1
  
  4927b37da827c60d657337da18897375deafdea1
- SHA256
  
  856ab46f5db4dd99658ff7a1991bc3646353d7a724e9363cf9cdd815cb3f4e96
- SHA512
  
  ca9c22733f667af8006e4139d71bd60775dd3ada7bd28e64622530423e70dc077e7cfcb92e1db087e5e662980d1ee0d3a0ae82b5cd8e31b61f9ffe386c70e080
- SSDEEP
  
  1536:eG73mNhJCulPXO+hh0nDQbWV52Z/M6Qjiyhg9vgLcpSdGlWnk8rj:eTRCWPXuqZEXiyhSLls
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2