General

  • Target

    7ed2b49fd78f1e8299bc660333182ab97da2cffe0a53d7c1c4f9ea96cb743c21N.exe

  • Size

    847KB

  • Sample

    241216-w2vwysxlbs

  • MD5

    d43c791d583c4a7175ab01c5734565f0

  • SHA1

    3d9124c80d48352127f8f9998939378fa802095f

  • SHA256

    7ed2b49fd78f1e8299bc660333182ab97da2cffe0a53d7c1c4f9ea96cb743c21

  • SHA512

    bd34e5aca0155644b340b01486f4051c9faf7860429e866dd8b338c4a65b330e5c7aa8978c08a1075b82ed1004109b82f99f9c1cb634c4bab281e47074e40cd6

  • SSDEEP

    24576:Uzb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwPKxyCFrKTE:UzbKsUmjtcdPGgIwPKjFr0E

Targets

    • Target

      7ed2b49fd78f1e8299bc660333182ab97da2cffe0a53d7c1c4f9ea96cb743c21N.exe

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
