General

  • Target

    c305dd145312babc4bd84cb9b1f998f81ed90b527b52666d68add509eca1b5e7

  • Size

    249KB

  • Sample

    241026-dbtxvswpcy

  • MD5

    725aad1265430294dabb34fbbdd37b60

  • SHA1

    e6f02781f9dfe58ba653554d45ef027646638d41

  • SHA256

    c305dd145312babc4bd84cb9b1f998f81ed90b527b52666d68add509eca1b5e7

  • SHA512

    7437a4b7b9ea19267d71933ef1fb18565ecc00516dbed0b49a3b3300be824db3509aace52baa96e5d31143d8aff9ec8abb6499c620e5f5fa403f4f2c741ca1e9

  • SSDEEP

    3072:uR2xn3k0CdM1vabyzJYWqyZcFaF504UVPGX1NhG2ozrl8SmaUBzMZqa12DtjS6:uR2J0LS6Vymc0NPGEfzrjmPzMZq2a

Malware Config

Targets

    • Target

      c305dd145312babc4bd84cb9b1f998f81ed90b527b52666d68add509eca1b5e7

    • Modifies WinLogon for persistence

      Writes to the Winlogon registry key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon), whose Shell and Userinit values name the programs started at every interactive logon (ATT&CK T1547.004). Which value was changed, and what it now points to, is not listed here; compare both values on the analysed host against their defaults (explorer.exe and C:\Windows\system32\userinit.exe,).

    • Ramnit

      Ramnit is a versatile malware family whose variants span file-infecting viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer. Packing is also common in legitimate software, so on its own this is supporting evidence rather than a verdict; here it accompanies the dropped-EXE and Winlogon persistence indicators above.
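
An added example, not part of the sandbox report and not code from the sandbox or from the malware: two offline checks for the signatures above. `looks_upx_packed` walks the PE section table and looks for UPX's characteristic section names, which is how most "UPX packed file" rules work, with the `UPX!` pack-header magic as a weaker secondary signal; `winlogon_findings` compares the Winlogon Shell and Userinit values against their Windows defaults and reports a replaced or appended program. The PE image produced by `build_minimal_pe`, the registry dictionaries, and the path `C:\Windows\System32\dropped.exe` are constructed test inputs; the default Winlogon values assume an unmodified install with Windows at C:\Windows.

```python
"""Offline triage checks for the 'UPX packed file' and 'Modifies WinLogon for
persistence' signatures.  Added example: the PE image and registry values are
constructed test data, not the analysed sample."""
from __future__ import annotations

import struct

# --- UPX detection via the PE section table ---------------------------------

# Section names written by stock UPX plus common renames seen in modified
# builds.  A build that renames its sections will evade this list.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".UPX0", ".UPX1", ".UPX2"}


def pe_section_names(data: bytes) -> list[str]:
    """Return the section names from a PE image's section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                                  # IMAGE_FILE_HEADER
    number_of_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional_header = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional_header          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(number_of_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # Name[8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """True if any section name matches UPX, or the 'UPX!' pack-header magic is
    present.  The magic alone is the weaker signal: modified builds often patch
    it, and an unrelated file can legitimately contain the string."""
    by_name = any(n.upper() in UPX_SECTION_NAMES for n in pe_section_names(data))
    return by_name or b"UPX!" in data


def build_minimal_pe(section_names: list[str]) -> bytes:
    """Construct a minimal PE32 header carrying the given section names.  Not a
    runnable executable; it exists only to exercise the parser above."""
    e_lfanew = 0x40
    dos = bytearray(b"MZ").ljust(e_lfanew, b"\0")
    struct.pack_into("<I", dos, 0x3C, e_lfanew)          # e_lfanew field
    size_of_optional_header = 0xE0                       # PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0,
                       size_of_optional_header, 0x0102)
    optional = bytes(size_of_optional_header)            # zeroed is fine here
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32)
                        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + sections


# --- Winlogon persistence check --------------------------------------------

# Defaults for HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon on an
# unmodified install with Windows at C:\Windows (assumption).
WINLOGON_DEFAULTS = {
    "Shell": ["explorer.exe"],
    "Userinit": [r"C:\Windows\system32\userinit.exe"],
}


def _entries(value: str) -> list[str]:
    """Split a comma-separated Winlogon value into normalised entries."""
    return [e.strip().lower() for e in value.split(",") if e.strip()]


def winlogon_findings(values: dict[str, str]) -> dict[str, str | None]:
    """Return the Winlogon values that deviate from the defaults.

    `values` maps value name -> string as read from the registry (on a live
    host, winreg.QueryValueEx on the key above).  Both a replaced program and
    an appended one ('userinit.exe,C:\\...\\dropped.exe') are reported; a
    missing value is reported as None.
    """
    findings: dict[str, str | None] = {}
    for name, expected in WINLOGON_DEFAULTS.items():
        actual = values.get(name)
        if actual is None or _entries(actual) != [e.lower() for e in expected]:
            findings[name] = actual
    return findings


if __name__ == "__main__":
    packed = build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    clean = build_minimal_pe([".text", ".rdata", ".data", ".rsrc"])
    print("packed:", pe_section_names(packed), looks_upx_packed(packed))
    print("clean: ", pe_section_names(clean), looks_upx_packed(clean))
    # Constructed registry snapshot: a dropped program appended to Userinit.
    tampered = {"Shell": "explorer.exe",
                "Userinit": r"C:\Windows\system32\userinit.exe,C:\Windows\System32\dropped.exe"}
    print("winlogon:", winlogon_findings(tampered))
```

On a live Windows host the registry snapshot would come from `winreg` under the key named above; the packer check can be run on the dropped EXE and DLL as well as the original sample, since a dropper and its payload are often packed differently.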

MITRE ATT&CK Enterprise v15

Tasks