General

  • Target

    6d49cf987b61837dcdb9e3dfc0b26c94649a247f792f27d7ef5788160e404f27.exe

  • Size

    947KB

  • Sample

    241216-3e6hhatkaw

  • MD5

    bbb8e9a8d0c2d5b8c1de65f108c42700

  • SHA1

    37eaf6d67a2b6b2b2e432bccf3eda803db3f151f

  • SHA256

    6d49cf987b61837dcdb9e3dfc0b26c94649a247f792f27d7ef5788160e404f27

  • SHA512

    11793489d27e1d5b7bc753a9b6d24578d6f6874e3541acca5fbb1a1336180315fe7370561d7a8a1a2167303c7b315462695af7ea520cf023f5c44a656818470b

  • SSDEEP

    24576:pzb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwP+PmS4+xXGeBD+VF3D:pzbKsUmjtcdPGgIwP+PmSdF+P

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks