General

  • Target

    b77fdca9b9773d4ab265d86d7c0866ec701eb8057fc0c7c9d782ddfaafc78b55N.exe

  • Size

    160KB

  • Sample

    241218-dnzzmssjam

  • MD5

    ef13e22525f585a738f84e309b3aa180

  • SHA1

    cf24509c855e6ca356e923a18c276de31232d26f

  • SHA256

    b77fdca9b9773d4ab265d86d7c0866ec701eb8057fc0c7c9d782ddfaafc78b55

  • SHA512

    a5cdd735d1b7999d7d18483dee627112e4d3fb669c4bedf59eba9dcbe0c449f59ab870e75888d4ea233c4a3f2ce789da196b4b3ec2c0a3c80059cdf8241ad1c8

  • SSDEEP

    3072:CT2xNfzEmPUac0yCRS9EK0TLmtmaYNELh/:GkPpe0m1YN

Malware Config

Targets

    • Target

      b77fdca9b9773d4ab265d86d7c0866ec701eb8057fc0c7c9d782ddfaafc78b55N.exe

    • Size

      160KB

    • MD5

      ef13e22525f585a738f84e309b3aa180

    • SHA1

      cf24509c855e6ca356e923a18c276de31232d26f

    • SHA256

      b77fdca9b9773d4ab265d86d7c0866ec701eb8057fc0c7c9d782ddfaafc78b55

    • SHA512

      a5cdd735d1b7999d7d18483dee627112e4d3fb669c4bedf59eba9dcbe0c449f59ab870e75888d4ea233c4a3f2ce789da196b4b3ec2c0a3c80059cdf8241ad1c8

    • SSDEEP

      3072:CT2xNfzEmPUac0yCRS9EK0TLmtmaYNELh/:GkPpe0m1YN

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks