Overview

overview

10

Static

static

3

a3ae4570ea...49.dll

windows7-x64

10

a3ae4570ea...49.dll

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a3ae4570ea79edca6be2b632e73f6377d254205fc88dc0d0d0251a13dcfd7749

  • Size

    142KB

  • Sample

    240523-bpflaagd84

  • MD5

    372a395d15556063fe723a7d25b5d2e8

  • SHA1

    67b55d03ca5f3db23fa6521afdf34a9022c33af1

  • SHA256

    a3ae4570ea79edca6be2b632e73f6377d254205fc88dc0d0d0251a13dcfd7749

  • SHA512

    df89847f4a95857048eaec373a6d632eb472bdc7306467977ac84fc1ee4d17b38dced1bf7e1b34ebdd80f6b7537441f73751f13399f620fc89f7e107a3896a7d

  • SSDEEP

    3072:9cwO/iTOdgWtJwrudmurEaMWgcVQPqJWhMAXNEzpDKQsojV2XI:9DTOdgWtOrudmux2yU/9ExJjgY

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Targets

    • Target

      a3ae4570ea79edca6be2b632e73f6377d254205fc88dc0d0d0251a13dcfd7749

    • Size

      142KB

    • MD5

      372a395d15556063fe723a7d25b5d2e8

    • SHA1

      67b55d03ca5f3db23fa6521afdf34a9022c33af1

    • SHA256

      a3ae4570ea79edca6be2b632e73f6377d254205fc88dc0d0d0251a13dcfd7749

    • SHA512

      df89847f4a95857048eaec373a6d632eb472bdc7306467977ac84fc1ee4d17b38dced1bf7e1b34ebdd80f6b7537441f73751f13399f620fc89f7e107a3896a7d

    • SSDEEP

      3072:9cwO/iTOdgWtJwrudmurEaMWgcVQPqJWhMAXNEzpDKQsojV2XI:9DTOdgWtOrudmux2yU/9ExJjgY

    Score
    10/10
    ramnitbankerspywarestealertrojanupxworm

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks