General
-
Target
ea2bfa8b4a21ed0d5a9007e8697fbadbcd374ab0c8de1e065afe13bea621e149
-
Size
137KB
-
Sample
241215-zgjjzawney
-
MD5
6328dc3740cb460bbeb01f9e1f8c3a96
-
SHA1
75727567341a0b2c441344f60a0b544b68a6212b
-
SHA256
ea2bfa8b4a21ed0d5a9007e8697fbadbcd374ab0c8de1e065afe13bea621e149
-
SHA512
6563a6b984280b45fcd77a45c629136b9e21b86e9bc7c5363b6a511ab03c711028198d77cb855829f439dafd9b162255d4a36297e74c27af6057e960c28eb90a
-
SSDEEP
3072:zmftffhJCuU9Cw7vFoF3M9Z8oU8HGROzoTq0+RO7IwnY:KVfhguMCysgZNYkdNwB
Malware Config
Targets
-
-
Target
ea2bfa8b4a21ed0d5a9007e8697fbadbcd374ab0c8de1e065afe13bea621e149
-
Size
137KB
-
MD5
6328dc3740cb460bbeb01f9e1f8c3a96
-
SHA1
75727567341a0b2c441344f60a0b544b68a6212b
-
SHA256
ea2bfa8b4a21ed0d5a9007e8697fbadbcd374ab0c8de1e065afe13bea621e149
-
SHA512
6563a6b984280b45fcd77a45c629136b9e21b86e9bc7c5363b6a511ab03c711028198d77cb855829f439dafd9b162255d4a36297e74c27af6057e960c28eb90a
-
SSDEEP
3072:zmftffhJCuU9Cw7vFoF3M9Z8oU8HGROzoTq0+RO7IwnY:KVfhguMCysgZNYkdNwB
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Drops file in Drivers directory
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-