General

  • Target

    0ca3c298786daa93f170f92c00481d407ae7b73bcf853c6e2164e4589536f6b8N

  • Size

    310KB

  • Sample

    241109-yt22ea1emb

  • MD5

    b7ff1d3ec122c87b8f41816649017540

  • SHA1

    3d4c3e443e6fdcc5dad576ea6ffad2a1f4b44c13

  • SHA256

    0ca3c298786daa93f170f92c00481d407ae7b73bcf853c6e2164e4589536f6b8

  • SHA512

    7dfcede5600bf4e501859ea3860d9ea75d3a2014934678d3b9236b6e37033a025f9a9b871947f908f5e11b1e45c6d86eb32dde0681316eb80aa9126154214fe7

  • SSDEEP

    6144:ICIGPj038tAgFMldWNX+VC5dtT9Q7d60K8A7W:dj038t/FMldW423RQ7d60dA7W

Targets

    • Target

      0ca3c298786daa93f170f92c00481d407ae7b73bcf853c6e2164e4589536f6b8N

    • Modifies WinLogon for persistence

      The sample writes to the Winlogon registry key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon), typically by changing the Userinit or Shell value so that the dropped copy is launched at every interactive logon.

    • Ramnit

      Ramnit is a versatile malware family spanning file-infecting viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer. A packed sample has to be unpacked before static analysis, and a modified build often will not unpack with a stock `upx -d`.
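
Before spending time on a sample, confirm that the file in hand is the one this report describes and see whether the UPX verdict is explained by the packer's default section names. The following is an added example, not code from the report or the sandbox; it only copies the hash values listed above, and the SAMPLE bytes it builds are a constructed, inert PE skeleton used to exercise the checks offline.

```python
import hashlib
import struct

# Hash values copied from the report above. The real sample is not embedded here;
# SAMPLE below is a constructed, inert PE skeleton used only to exercise the checks.
REPORT_HASHES = {
    "md5": "b7ff1d3ec122c87b8f41816649017540",
    "sha1": "3d4c3e443e6fdcc5dad576ea6ffad2a1f4b44c13",
    "sha256": "0ca3c298786daa93f170f92c00481d407ae7b73bcf853c6e2164e4589536f6b8",
    "sha512": "7dfcede5600bf4e501859ea3860d9ea75d3a2014934678d3b9236b6e37033a02"
              "5f9a9b871947f908f5e11b1e45c6d86eb32dde0681316eb80aa9126154214fe7",
}
HASH_NAMES = ("md5", "sha1", "sha256", "sha512")


def hash_file(data: bytes) -> dict:
    """Digest the bytes with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in HASH_NAMES}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Compare each expected digest (case-insensitive) against the file; one bool per algorithm."""
    actual = hash_file(data)
    return {name: actual[name] == digest.lower() for name, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE headers and return the section names; [] if this is not a parsable PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # COFF header follows the signature: NumberOfSections at +6, SizeOfOptionalHeader at +20.
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes; the name is its first 8
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """Default UPX builds name their sections UPX0/UPX1 (and UPX2). A modified build
    can rename them, so False here does not prove the file is unpacked."""
    return any(n.upper().startswith("UPX") for n in pe_section_names(data))


def build_fake_pe(section_names: list) -> bytes:
    """Constructed test input: a minimal PE32 header with the given section names and no code."""
    e_lfanew = 0x40
    dos = bytearray(b"MZ" + b"\0" * 0x3E)
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 0xE0  # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections


SAMPLE = build_fake_pe(["UPX0", "UPX1", ".rsrc"])

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print("sections:", pe_section_names(data), "upx:", is_upx_packed(data))
    for name, ok in verify_hashes(data, REPORT_HASHES).items():
        print(f"{name}: {'match' if ok else 'MISMATCH'}")
```

Run it with the path to the downloaded sample as the only argument; every digest should report a match before analysis starts, since a single mismatch means a different file (or a truncated download). The SSDEEP value in the report is a fuzzy hash and needs the ssdeep library to compare, so it is left out here.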

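The "Modifies WinLogon for persistence" signature maps to a simple host check: the Userinit and Shell values under the Winlogon key are comma-separated program lists, and anything beyond the stock entries is launched at every logon. The following is an added example, not code from the report or the sandbox; the `reg query` output it parses is constructed, the extra `dropped_example.exe` entry is hypothetical, and the stock values assume an unmodified Windows image.

```python
import re

# Constructed output of: reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
# The extra Userinit entry is hypothetical and is not taken from the analysed sample.
WINLOGON_KEY = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    explorer.exe
    Userinit    REG_SZ    C:\Windows\system32\userinit.exe,C:\Windows\System32\dropped_example.exe
    AutoRestartShell    REG_DWORD    0x1
"""

# Stock values (assumption: an unmodified Windows image; hardened or managed builds may differ).
EXPECTED = {
    "userinit": {r"c:\windows\system32\userinit.exe"},
    "shell": {"explorer.exe", r"c:\windows\explorer.exe"},
}


def parse_reg_query(text: str) -> dict:
    """Turn `reg query` output into {value name: data}; columns are separated by runs of spaces."""
    values = {}
    for line in text.splitlines():
        parts = re.split(r"\s{2,}", line.strip(), maxsplit=2)
        if len(parts) == 3 and parts[1].startswith("REG_"):
            values[parts[0]] = parts[2]
    return values


def _entries(raw: str) -> list:
    """Split a comma-separated program list; drop quotes and blanks, lower-case (paths are case-insensitive)."""
    return [e.strip().strip('"').lower() for e in raw.split(",") if e.strip()]


def winlogon_findings(values: dict) -> list:
    """Return (value name, unexpected entry) for every Userinit/Shell entry not on the stock list."""
    findings = []
    for name, raw in values.items():
        allowed = EXPECTED.get(name.lower())
        if allowed is None:
            continue  # other Winlogon values are not program lists
        for entry in _entries(raw):
            if entry not in allowed:
                findings.append((name, entry))
    return findings


if __name__ == "__main__":
    for name, entry in winlogon_findings(parse_reg_query(SAMPLE_REG_QUERY)):
        print(f"{WINLOGON_KEY}\\{name} launches unexpected entry: {entry}")
```

On a live host the same values can be read with `winreg.OpenKey` / `winreg.QueryValueEx` on `SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon` instead of parsing `reg query`; the per-user copy under HKCU is worth the same check, and any flagged entry should be hashed and compared against the values in this report.
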
MITRE ATT&CK Enterprise v15