Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

962b8f9f86a66ba2d0ec47103d669706b00e42a7388b150a925d169bf51c424b
Size

39KB
Sample

230130-d9manshc8t
MD5

5c1bd90d71ba00884c436550dec45123
SHA1

4d42f73826e82ad32589069b297d7314c7b94c34
SHA256

962b8f9f86a66ba2d0ec47103d669706b00e42a7388b150a925d169bf51c424b
SHA512

7c74b5fdbd660a0c5e04010c6530434b80b2e717033ce20011a82da1c849e50e40b8af7f63622f35d9aaf9cc98141b7c72c20a474fc697270bcc9d2112b85313
SSDEEP

768:d/tN7XsL5M+KbRJ66l7P4uG2x6ye3vAU5uFl1FKDvlK0NTwzkKoCj+xo:dn78M/J6C4q5Mv0l+wzBoW+a

Score

10^/10

ramnit banker spyware stealer trojan upx worm

Malware Config

Targets

- Target
  
  962b8f9f86a66ba2d0ec47103d669706b00e42a7388b150a925d169bf51c424b
- Size
  
  39KB
- MD5
  
  5c1bd90d71ba00884c436550dec45123
- SHA1
  
  4d42f73826e82ad32589069b297d7314c7b94c34
- SHA256
  
  962b8f9f86a66ba2d0ec47103d669706b00e42a7388b150a925d169bf51c424b
- SHA512
  
  7c74b5fdbd660a0c5e04010c6530434b80b2e717033ce20011a82da1c849e50e40b8af7f63622f35d9aaf9cc98141b7c72c20a474fc697270bcc9d2112b85313
- SSDEEP
  
  768:d/tN7XsL5M+KbRJ66l7P4uG2x6ye3vAU5uFl1FKDvlK0NTwzkKoCj+xo:dn78M/J6C4q5Mv0l+wzBoW+a
Score

10^/10

ramnit banker spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

ramnitbankerspywarestealertrojanupxworm

behavioral2

ramnitbankerspywarestealertrojanupxworm