General

  • Target

    2e4cd2d222434cca5c7dd3e685a4c4355a0f0d962b6b3cca3bdc74d4db41c41bN.exe

  • Size

    193KB

  • Sample

    241217-y8z6csxjf1

  • MD5

    bc5f0977acec702961e4d2fe9e2682b0

  • SHA1

    3da68a6f8cf57381d87b3fec2e1c5daefffd77c3

  • SHA256

    2e4cd2d222434cca5c7dd3e685a4c4355a0f0d962b6b3cca3bdc74d4db41c41b

  • SHA512

    cc06762af3c6ad0820d9aca6fbd55e507397f74bfeebdbfe0ca2e2083ed8a023a50b9023ca48584109856991b108dc486a0e562ed23ee45667ffb0c8c83ad9d8

  • SSDEEP

    3072:cR2xn3k0CdM1vabyzJYWqSBS9lc+pe0McUDwTgnJKc/qk:cR2J0LS6VDlVLMcebnd/qk

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.
