General
-
Target
MSVCR71.DLL.dll
-
Size
400KB
-
Sample
230201-hbr6gsea8t
-
MD5
f90aa1c4d54dafde1b4359293eda3f52
-
SHA1
10d781593ec6c3ea1780d887d2ad73a296bc0b23
-
SHA256
7ea73b4aa5cc6aee461f0f0a961aa8a9ff16ed09a82d039ff1136e8c23c41820
-
SHA512
d3ce7b811cf778584a4ee590bbeb7693bdc43c8acccaa77a433eaea18e5f77066f59eb54890d2fe7d270b3493e8a8077236786d362bf8fea0ef3cfd1a537ad7f
-
SSDEEP
6144:ccV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlEzn:coz83OtIEzW+/m/AyF7bCrO/Ej
Malware Config
Targets
-
-
Target
MSVCR71.DLL.dll
-
Size
400KB
-
MD5
f90aa1c4d54dafde1b4359293eda3f52
-
SHA1
10d781593ec6c3ea1780d887d2ad73a296bc0b23
-
SHA256
7ea73b4aa5cc6aee461f0f0a961aa8a9ff16ed09a82d039ff1136e8c23c41820
-
SHA512
d3ce7b811cf778584a4ee590bbeb7693bdc43c8acccaa77a433eaea18e5f77066f59eb54890d2fe7d270b3493e8a8077236786d362bf8fea0ef3cfd1a537ad7f
-
SSDEEP
6144:ccV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlEzn:coz83OtIEzW+/m/AyF7bCrO/Ej
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation