General

  • Target

    ca15fb12c921c8858dfdc700295aeb0e52e204a13f476c3c639d710a7faeee5e

  • Size

    6MB

  • Sample

    231203-ttfe7ada5z

  • MD5

    ac5647237e9177cbc27c4e1835ab8764

  • SHA1

    c5b032c227a36ff8c5951e970af1fe29e44c5b13

  • SHA256

    ca15fb12c921c8858dfdc700295aeb0e52e204a13f476c3c639d710a7faeee5e

  • SHA512

    a75a2b14ed741b2d8d93782a061ac32f3d6fcdc12b6b25d9600d37b36e43aa401fe64c6a5d9374212a16d2f01eff9338166f31c209224d72558661af152ad97a

  • SSDEEP

    98304:8LqKz4UN6Pg3jUlBiaYC9+fw6iNTaR5rvXbwgfWISmnPKcraGvdhpWxn1:XpPwYlBjYC8w6kWrvLFx9PhvQ3

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix (ATT&CK v13)