General
-
Target
719be2a7e0f7dfd0aba67017ec2966cb
-
Size
220KB
-
Sample
240124-ggtqtscch2
-
MD5
719be2a7e0f7dfd0aba67017ec2966cb
-
SHA1
7f64efceb554aed2ddf665ebfca47eaa71ab3677
-
SHA256
3b47910e69e7050a8f0225fd3bdfc003802b392e12519f5f2413462e6481e47a
-
SHA512
ca95c58fc4d5aed75c1d6c6c95b799fde9c7665dcce3aab5c47971a53324977e0211206cd1f17659c4f5de3fda632dbacc0be62e5c79d8d4b384506856f4e143
-
SSDEEP
3072:GMsCUsER3Fx/asAm3jUWvUIYeMYqFquq8RnPZKlNkfKN5CS+t9CpZ+AS7P1ZBGjh:GMsCUpR35iLs8WD4HCGX7BGqy+lY
Static task
static1
Behavioral task
behavioral1
Sample
719be2a7e0f7dfd0aba67017ec2966cb.exe
Resource
win7-20231215-en
Malware Config
Extracted
ramnit
26
��1:8001
-
campaign_timestamp
1.505981184e+09
-
compile_timestamp
1.500910876e+09
-
dga_seed
7.90544302e+08
-
listen_port
0
-
num_dga_domains
40
Extracted
ramnit
��1
��1:8001
-
campaign_timestamp
1.505981184e+09
-
compile_timestamp
1.500910876e+09
-
dga_seed
7.90544302e+08
-
listen_port
0
-
num_dga_domains
40
Targets
-
-
Target
719be2a7e0f7dfd0aba67017ec2966cb
-
Deletes itself
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-