General

  • Target

    6f5f2d944d4868ca8f607b38da50493d1fb78ec42deba222eeef65dbbd8ab5af

  • Size

    672KB

  • Sample

    240325-x6xrsagc28

  • MD5

    f16cb336e5bb2e92d28ab998386253aa

  • SHA1

    327c3f2f2ba9d4056fd18c2241b66970959733a4

  • SHA256

    6f5f2d944d4868ca8f607b38da50493d1fb78ec42deba222eeef65dbbd8ab5af

  • SHA512

    9d203616318f0a3cc4540a98166ada8b762b2641c308aa14620a13fba3d3d405d9ea8ceffa53410c57d6fedf441f8eb2edc90d6f09a0d21e9dfb68f5a0d24053

  • SSDEEP

    12288:rFqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeCO4J7HA:rUi2C1JdoiEdmGyYu0NA

Malware Config

Targets

    • Target

      6f5f2d944d4868ca8f607b38da50493d1fb78ec42deba222eeef65dbbd8ab5af

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks