General

  • Target

    6e20f9687cd7e6e2e7cc956a4f834e079b9cfb53d7db3776f99b0fd4b3fcb196

  • Size

    272KB

  • Sample

    241004-29h51swelh

  • MD5

    0dafdcef4ed05d008c7fde7bc21daf75

  • SHA1

    18ae591bd31256514b073a22be27c91d0532547b

  • SHA256

    6e20f9687cd7e6e2e7cc956a4f834e079b9cfb53d7db3776f99b0fd4b3fcb196

  • SHA512

    01cf7cedd294e605bc687947f9aea1335addf5593c055d1ee82a7f754fce7280848d5de0862fdde226f6fa83e605571d12686d47bd7fa89c68bcb753f5f6f60a

  • SSDEEP

    3072:YNZEITsAQlhWCcC6uYnF9uAzX/0faAbPy8psrs1BN2JZBS7BtRJQZfwM+ZgAqrPW:0bsAKDSruAj0fasyM34BSvG+Zgfb2CE

Malware Config

Targets

    • Target

      6e20f9687cd7e6e2e7cc956a4f834e079b9cfb53d7db3776f99b0fd4b3fcb196

    • Size

      272KB

    • MD5

      0dafdcef4ed05d008c7fde7bc21daf75

    • SHA1

      18ae591bd31256514b073a22be27c91d0532547b

    • SHA256

      6e20f9687cd7e6e2e7cc956a4f834e079b9cfb53d7db3776f99b0fd4b3fcb196

    • SHA512

      01cf7cedd294e605bc687947f9aea1335addf5593c055d1ee82a7f754fce7280848d5de0862fdde226f6fa83e605571d12686d47bd7fa89c68bcb753f5f6f60a

    • SSDEEP

      3072:YNZEITsAQlhWCcC6uYnF9uAzX/0faAbPy8psrs1BN2JZBS7BtRJQZfwM+ZgAqrPW:0bsAKDSruAj0fasyM34BSvG+Zgfb2CE

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks