General

  • Target

    cae1ac79940328d5cf6afb986305269a

  • Size

    224KB

  • Sample

    240315-jtcdesbd8v

  • MD5

    cae1ac79940328d5cf6afb986305269a

  • SHA1

    fad835bdd1f0e14efef95bcd66c517210a266614

  • SHA256

    41d32501638797546135529eb0dea6cc8f8d418bd29635f2e6d4cdde8f77ec37

  • SHA512

    03225fcf9836bb7f2cb50000a47c9163cdf1b7c5325de9609aa9e027ab8727f235e4e641bc27c5fa724e865afd4e9cf9f3b6ecdab4ae07bbb9db04f665797cd5

  • SSDEEP

    3072:cxVOHea/hxLkoldcCX4rr5ZhaETQAyNiC:ci+apxRy/rNPsNiC

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks