General

  • Target

    c30d9108a508a07fa2c0b554ff54d18b

  • Size

    136KB

  • Sample

    240312-lrpxvadg7s

  • MD5

    c30d9108a508a07fa2c0b554ff54d18b

  • SHA1

    cedd28bc421c11ea7b9cd4e01cd9058ac4b10d99

  • SHA256

    3f942fff2744cf263a7409c1a2f785c810137f4626be82f3c1fc782c15e16847

  • SHA512

    86037ce069fd7a2662ee3797cf08789521edfd240d6a6e0b365ca2ef2b12b521ebf1e290cff5d9d4296b422ceb4ebddb3db3c0596870eb076e97d93d4aeb5bb9

  • SSDEEP

    3072:ynxwgxgfR/DVG7wBpEsNDj4AAypPjo2+Be:y+xDVG0BpV3EY1+Be

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that comprises viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks