Overview

overview

10

Static

static

3

1f8413b28b...c6.exe

windows7-x64

7

1f8413b28b...c6.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1f8413b28bb7ec298923ca139d633fc6

  • Size

    125KB

  • Sample

    231225-bkat8sgagj

  • MD5

    1f8413b28bb7ec298923ca139d633fc6

  • SHA1

    99614e9320312cf0b6039bf3f9c4feda8a1194c1

  • SHA256

    002508a4cec942c5b80483a46cabb6845ec961abb67e3b9eaface89996aa5457

  • SHA512

    3d6b75b4fe45ffcdc634734590b5832dab71e577926570b4c84fc2dff21cfb1c4733c746e3a33379e3f37c9dc9f58a217371a257afde22ab25705d877cc2dc54

  • SSDEEP

    3072:Y6lXWN336MdMfLirVQW0/nyyplK7/QoRawi10afCtBGRJFabWWT:JXgqqULirVT01w/QN1pCUJF85

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      1f8413b28bb7ec298923ca139d633fc6

    • Size

      125KB

    • MD5

      1f8413b28bb7ec298923ca139d633fc6

    • SHA1

      99614e9320312cf0b6039bf3f9c4feda8a1194c1

    • SHA256

      002508a4cec942c5b80483a46cabb6845ec961abb67e3b9eaface89996aa5457

    • SHA512

      3d6b75b4fe45ffcdc634734590b5832dab71e577926570b4c84fc2dff21cfb1c4733c746e3a33379e3f37c9dc9f58a217371a257afde22ab25705d877cc2dc54

    • SSDEEP

      3072:Y6lXWN336MdMfLirVQW0/nyyplK7/QoRawi10afCtBGRJFabWWT:JXgqqULirVT01w/QN1pCUJF85

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks