General

  • Target

    5ce23b2a954a3803aa90be4fec60be105e09d15fd24bfca1420db12d65f8e0e9.exe

  • Size

    276KB

  • Sample

    241217-dlnhtszkcm

  • MD5

    d713d347658a4744e01eb2f9e169ce1c

  • SHA1

    77777460a0b41f505de6cf8a3144b64df87ba01b

  • SHA256

    5ce23b2a954a3803aa90be4fec60be105e09d15fd24bfca1420db12d65f8e0e9

  • SHA512

    387d0ab83c48d45ab3bc9abf7f5b0d9dc5b7a04944d2d319bb4d2978630829cd369bda6349737ca67980856a0a76a2279892d67134a96e1acbb47b6e7e64b5a1

  • SSDEEP

    3072:FdcQ2ZNMSQvbajUTUItjT68+xQEVulys593oI8mmwXrPbh:VATSOjUQKculy8uI9fbPN

Malware Config

Targets

    • Target

      5ce23b2a954a3803aa90be4fec60be105e09d15fd24bfca1420db12d65f8e0e9.exe

    • Size

      276KB

    • MD5

      d713d347658a4744e01eb2f9e169ce1c

    • SHA1

      77777460a0b41f505de6cf8a3144b64df87ba01b

    • SHA256

      5ce23b2a954a3803aa90be4fec60be105e09d15fd24bfca1420db12d65f8e0e9

    • SHA512

      387d0ab83c48d45ab3bc9abf7f5b0d9dc5b7a04944d2d319bb4d2978630829cd369bda6349737ca67980856a0a76a2279892d67134a96e1acbb47b6e7e64b5a1

    • SSDEEP

      3072:FdcQ2ZNMSQvbajUTUItjT68+xQEVulys593oI8mmwXrPbh:VATSOjUQKculy8uI9fbPN

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks