General

  • Target

    ad3f4fa7a3100446a4140c75b09a8c618416d85b737650126355123d619b3dc7N.exe

  • Size

    2.0MB

  • Sample

    241216-xhvmhsylel

  • MD5

    a363d81a1c6229bbf18ddfaf3d004420

  • SHA1

    3d91cdd8e44ab89a192c280ec220abca82752db6

  • SHA256

    ad3f4fa7a3100446a4140c75b09a8c618416d85b737650126355123d619b3dc7

  • SHA512

    6bd87526984c2558bd07bf05a2edee3979d40d24d5b9e7de3ce09ee8cfe5aae65c81a87f3c8d79d43bf7df841e38d117ea99ee8a4787e26d9fa824da19720dd5

  • SSDEEP

    24576:r7IY7a9IRCRqRPkHQo411810cNScGKJydXTZDwmzRMo3DP7x5nbiQj8CTefFfUPI:fIY5RMHMf810Knor5zqo3zNJuQjb4FyQ

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family comprising viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks