General

  • Target

    node.dll.7z

  • Size

    6.9MB

  • Sample

    230425-bhncjshd61

  • MD5

    1bce014b0d554092e9ef558a8e725406

  • SHA1

    6bd66d296c235d71bace17dc84db2653bde4b63d

  • SHA256

    df4d60f6a43d7117aa13789cd8fb98a2c7e118cdd62ccd7bf2ce535c74c08e73

  • SHA512

    49105ea45cfe7fac06de32e7ca7793afaa8056051b3a272b09f1b4cd94b546c026c323eed4bb4ee1dd5ef37b8064e82d19f73945df144c29a916a71573e2a41a

  • SSDEEP

    196608:iEaPxeTM/1kW42ZIb8cSU3U6dIgOhDBnV8Z:iEaPxAwkW42Qx3WDBuZ

Malware Config

Targets

    • Target

      node.dll

    • Size

      22.8MB

    • MD5

      3b781ad891cdf5262a3a41f944a60a41

    • SHA1

      818e0c8ad24dddf8ffa1d47fe0fed173b6487440

    • SHA256

      41098dcbf70e348f8ea13740ac2f1b7ad4325f422348ec42a9fdb5e33b97384b

    • SHA512

      1eac3a3112859b38d24d861174bb2e34996a238bf3cdc965eed8419b407fa26fffc7e6daff680cd02ae39a564c1c1be22c447136a034eccfdf736be94b249593

    • SSDEEP

      393216:N8V2aiqDxRhpGv2jBOYHFAiCgFi2vn+3HMYCldFBKA8TZEP8P:N8AaiqDxRhpGv2jBBHDtFdvnaF/

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry

    T1112 (count: 1)

Tasks