General

  • Target

    735de9d0e558076bfc6c56ab845b87a98f4042764aef0c142c7b9bcc007cbcb0N

  • Size

    632KB

  • Sample

    241110-ehexysslbl

  • MD5

    e4207500f05c645fa40e74c9b0fdbcc0

  • SHA1

    3d37dcdd86678ac3f98ec0f240e46e62abe37b7e

  • SHA256

    735de9d0e558076bfc6c56ab845b87a98f4042764aef0c142c7b9bcc007cbcb0

  • SHA512

    8a3fe7a353575423511fe0a0c20f35241e07b5015cab3dd3376d88dc3765cebd99dc88e9c117f4b80faae141fe7dae874f8428e8656b2356c9517aa4b47afa64

  • SSDEEP

    12288:HhpUrEIZJqr1AkBWwNa5R0EYl795/amaX3QXaPKU8m4xJ2YGkjsW:H/jG01NHXaPwdxFF

Malware Config

Targets

    • Target

      735de9d0e558076bfc6c56ab845b87a98f4042764aef0c142c7b9bcc007cbcb0N


    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family whose variants include file-infecting viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks