General

  • Target

    904bf74c214e2d3f97418b03a5ff4a8df07bcc618cc22841f9e6eb97aa0dd669

  • Size

    847KB

  • Sample

    241218-b4wk2sylgm

  • MD5

    e39ce0a9490d34de9dcf5707efedbbae

  • SHA1

    3dafc8544447630375959d8387510f33b0867dac

  • SHA256

    904bf74c214e2d3f97418b03a5ff4a8df07bcc618cc22841f9e6eb97aa0dd669

  • SHA512

    5a9f30c9c39b3a0d141d8ab7b03d203c54d4b3062551443831f317f393b4524ef5ac1dc8aca8b687b866150ad0e170b5369c10b987cde592606137ad9159aea6

  • SSDEEP

    24576:2zb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwPEs++iv:2zbKsUmjtcdPGgIwPEsriv

Malware Config

Targets

    • Target

      904bf74c214e2d3f97418b03a5ff4a8df07bcc618cc22841f9e6eb97aa0dd669

    • Size

      847KB

    • MD5

      e39ce0a9490d34de9dcf5707efedbbae

    • SHA1

      3dafc8544447630375959d8387510f33b0867dac

    • SHA256

      904bf74c214e2d3f97418b03a5ff4a8df07bcc618cc22841f9e6eb97aa0dd669

    • SHA512

      5a9f30c9c39b3a0d141d8ab7b03d203c54d4b3062551443831f317f393b4524ef5ac1dc8aca8b687b866150ad0e170b5369c10b987cde592606137ad9159aea6

    • SSDEEP

      24576:2zb1MlCKUQyUmjtczu6Prs9pgWoopooK9kwPEs++iv:2zbKsUmjtcdPGgIwPEsriv

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks