General

  • Target: 38a3b3b4a06fe3d8e43d0d4348dff9e7.exe
  • Size: 166KB
  • Sample: 240105-n6yveabddr
  • MD5: 38a3b3b4a06fe3d8e43d0d4348dff9e7
  • SHA1: ee0eb512b443c84f5dd69c8b2ed0066815bcc9c4
  • SHA256: 279dc6f915f7513aa1cd00910f1a2c7541021d9bb9f2f5f67592a8ca1f002bc3
  • SHA512: d5a97ef4e54e4924bdef7a40a1f35ee59b9b8dd946317a168874398f775bca7a2a1aa70ff45049028ea16cac50a7daed1507e74ad5d15135d60be4a702720ae8
  • SSDEEP: 1536:05lTUKCYmCgV5bT/2d1QYesG+sxFm2mEgW+YBOYYtV/rerTK:KTU56gVxj27NeUuFm1byOYUNq6

Malware Config

Targets

    • Target: 38a3b3b4a06fe3d8e43d0d4348dff9e7.exe
    • Size: 166KB
    • MD5: 38a3b3b4a06fe3d8e43d0d4348dff9e7
    • SHA1: ee0eb512b443c84f5dd69c8b2ed0066815bcc9c4
    • SHA256: 279dc6f915f7513aa1cd00910f1a2c7541021d9bb9f2f5f67592a8ca1f002bc3
    • SHA512: d5a97ef4e54e4924bdef7a40a1f35ee59b9b8dd946317a168874398f775bca7a2a1aa70ff45049028ea16cac50a7daed1507e74ad5d15135d60be4a702720ae8
    • SSDEEP: 1536:05lTUKCYmCgV5bT/2d1QYesG+sxFm2mEgW+YBOYYtV/rerTK:KTU56gVxj27NeUuFm1byOYUNq6

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of UPX.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks