General

  • Target

    def615383ca4266e67588476ae0a6c3c

  • Size

    112KB

  • Sample

    240326-mp5qysgc48

  • MD5

    def615383ca4266e67588476ae0a6c3c

  • SHA1

    6c1f52c9bf8779dfc90e34cc3cb90b05dc56c649

  • SHA256

    5da4967178d14b515417f4c25eebebe37fcee480850e9d39a7dec0c4e514e2be

  • SHA512

    dff5b2251160859e0fc214df7c44f716d47add19c955f6b41e6f26a7644e57bdb21db416b1e41b254d19b7aa6db58e8d9eda48e69204398d2bf02e9315016864

  • SSDEEP

    1536:aVZnxm6MG9xgfrvEaoiT/GyphjXDYjKwttoswRmhApE:qnxwgxgfR/DVG7wBpE

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of UPX.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks