General

  • Target

    cb3866e8e5946354bc53da814689feab

  • Size

    132KB

  • Sample

    240315-my4v1see9y

  • MD5

    cb3866e8e5946354bc53da814689feab

  • SHA1

    b9a1830c4e3014783489ca456358b4adc3a763a7

  • SHA256

    5eabe32b3d80d6d204a28d8da2d5ef0f721d2f5cc2dc9ad383e6413e7626c609

  • SHA512

    191a37ead98c8fb81dbe590f589900ecc9cbdd781b3e25f4cc2ad1c6526c061ab0b80ebea85878ffd109db159bc44b9c0eccff26fc981fa9b621885827fcf321

  • SSDEEP

    3072:9o6nwLqrSa4I+VCUgVr9kYaQBqaFM2oVhyAn1+J:C6ungVrwwM2uf1y

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks