General

  • Target

    82e2038ec23beba2cd37a54871e5f7fb8a87786a14df520ff8fa1da60ed229b5

  • Size

    233KB

  • Sample

    240330-zsep6aee2t

  • MD5

    b417df1ef556c1ec4b5e278f13e60406

  • SHA1

    6a3046dbf9f46494525210a3d9fab0a77a960203

  • SHA256

    82e2038ec23beba2cd37a54871e5f7fb8a87786a14df520ff8fa1da60ed229b5

  • SHA512

    b2ff59e6fa56f044317e08601181ed066e790d2e5b5cde7016e3b2ab9a441f816c60c44ecaa3f63c51c1becf5e6b1b9c104a9f8f9531c4245b2fa6e8e668d22d

  • SSDEEP

    3072:3nQfac+4h/ueabsWajfRK2oA7nxUaLvXfP:gfU4MShRoOnxUazH

Malware Config

Targets

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Detects Windows executables referencing non-Windows User-Agents

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks