Overview

overview

10

Static

static

10

c3e044c9e8...86.dll

windows7-x64

1

c3e044c9e8...86.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c3e044c9e8703abb90038959736c84c07e8f00b7a49d44271c8494101ebbe786.exe

  • Size

    114KB

  • Sample

    240529-nnct8ada21

  • MD5

    a86c97e899a93ba176de1c93c82cd14d

  • SHA1

    95f308fe16d334033a499140d631eef064509530

  • SHA256

    c3e044c9e8703abb90038959736c84c07e8f00b7a49d44271c8494101ebbe786

  • SHA512

    3b9620eaffdaf5b627d3b14ebf4881f158f2957e01560c5d265333d495a3846a2d6fd2a61e2fa92298e9486df2f89f03d29a743a33e2bc113094e33f11dfd170

  • SSDEEP

    1536:nzsLcHvHaHv2rzlt1TdGVt5sgGFeqW6tY5pZFqoFb1:nzqPUhjxGbAG6cqoFb

Score
10/10
ramnit8`¾8wõ9��?4�z4w�p4��35rϯ5���5��t1;�<�;�@;�>>a��?��9<��

Malware Config

Extracted

Family

ramnit

Botnet

8`¾8wõ9��?4�z4w�P4��35rϯ5���5��t1;�<�;�@;�>>a��?��9<��)7s�R7��4[ο4�Ό4��05�5U�$2*�&0�0�{0f�P0@ʹ0

C2

�>��;?7�"? � ?s�g?[�N?�Ŷ?�œ?���?���?���?8�1<,�<� <�u<h�:817377459

Attributes
  • campaign_timestamp

    8.12134499e+08

  • compile_timestamp

    1.505999145e+09

  • dga_seed

    8.09578546e+08

  • listen_port

    8.15804558e+08

  • num_dga_domains

    8.07677983e+08

xor.base64
rc4.plain
rsa_pubkey.base64

Targets

    • Target

      c3e044c9e8703abb90038959736c84c07e8f00b7a49d44271c8494101ebbe786.exe

    • Size

      114KB

    • MD5

      a86c97e899a93ba176de1c93c82cd14d

    • SHA1

      95f308fe16d334033a499140d631eef064509530

    • SHA256

      c3e044c9e8703abb90038959736c84c07e8f00b7a49d44271c8494101ebbe786

    • SHA512

      3b9620eaffdaf5b627d3b14ebf4881f158f2957e01560c5d265333d495a3846a2d6fd2a61e2fa92298e9486df2f89f03d29a743a33e2bc113094e33f11dfd170

    • SSDEEP

      1536:nzsLcHvHaHv2rzlt1TdGVt5sgGFeqW6tY5pZFqoFb1:nzqPUhjxGbAG6cqoFb

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks