General

  • Target

    easy_Malicious_001bc26dbd350bf66648eba8a36fe6c5201b8fedbdaad55e272f5f07f305abb8.exe

  • Size

    342KB

  • Sample

    230704-spesesee62

  • MD5

    4a5ba8f3079f5208a690f00dda17d1f3

  • SHA1

    a00fd4641c222ed17a11671a6b50a2c631906635

  • SHA256

    ea223f9fae25058864e8333ffba6bde7aa0b38cc58aad3094dfb92198703206f

  • SHA512

    0742ad5cb455783aec1abccbd99c3ca6454bb0f5fb50ecd6ba6937cf7c7accbd7250b51622b1e5034d3feb7de996f236d0ff58d0fc6f4563ce229ce3c0c3b3ac

  • SSDEEP

    6144:BiT0g4vIw+4zzwuSVVFlv0lC17ltL2YC5h7jF+bF/h2i23lFGGjh04Jsm/BWcHPO:Bng4l+IzUXvhZltSd3cx/qVkGjh0Ss4i

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v6

Tasks