General

  • Target

    WSock.dll

  • Size

    92KB

  • Sample

    241120-m9p61azqhp

  • MD5

    3612fee7ae3ee6480c3804845c579255

  • SHA1

    6254940b4247ba8a0581a362813be070d0e34b99

  • SHA256

    990357fe141b7e0ef376eb3d71279a6d160f8bbbd3e6d25e269c34af50e6ef04

  • SHA512

    ff0e160782039acc1f33a8beddcc8b58324fc61cde7b3b63346ab1295c9d6c2887fe0360bab23c978d893c9d228338e6c46790394a6b04ad17eca96d5da23b63

  • SSDEEP

    1536:YbeVnaYp+HbnvyeUMfF5TF4LIDA8VeKF0tk/Y88/3TGo3Mqr8j98ypwm/RO43gYZ:YdTfFUO1UO0q/YP/3Tr3MqgOPk99q2c

Targets

    • Target

      WSock.dll

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
