General

  • Target

    eeac57423fed14cb119754de6adb661fdb07c3fa78cc7af41fcfc91f90a172f7.exe

  • Size

    287KB

  • Sample

    241217-px9e8azjgs

  • MD5

    306d394cccfd7f7aa8864ff2ef9019db

  • SHA1

    0927ffe14ce2d7041e284a2ead44d62da91c4606

  • SHA256

    eeac57423fed14cb119754de6adb661fdb07c3fa78cc7af41fcfc91f90a172f7

  • SHA512

    1834ef5c580986940fba8786eec6fad9c0457f3875959240778f8c90115137377bc584c3f314a9040ef076b8e730ad3dd11dc4a95dbb3bd4ff1a756cada39f44

  • SSDEEP

    3072:fCuuNCRs/Pj03pJEEC9ti9pocimFFVW6E1fZim4v5TRRJBYeBTg4vRPW9vc/Bm6f:fCIGPj038tAgFMldWNX+2ehIRAf

Malware Config

Targets

    • Target

      eeac57423fed14cb119754de6adb661fdb07c3fa78cc7af41fcfc91f90a172f7.exe

    • Size

      287KB

    • MD5

      306d394cccfd7f7aa8864ff2ef9019db

    • SHA1

      0927ffe14ce2d7041e284a2ead44d62da91c4606

    • SHA256

      eeac57423fed14cb119754de6adb661fdb07c3fa78cc7af41fcfc91f90a172f7

    • SHA512

      1834ef5c580986940fba8786eec6fad9c0457f3875959240778f8c90115137377bc584c3f314a9040ef076b8e730ad3dd11dc4a95dbb3bd4ff1a756cada39f44

    • SSDEEP

      3072:fCuuNCRs/Pj03pJEEC9ti9pocimFFVW6E1fZim4v5TRRJBYeBTg4vRPW9vc/Bm6f:fCIGPj038tAgFMldWNX+2ehIRAf

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks