General

  • Target

    55e88cd765e0cb497c639c7aee4f8e7df4fc0dccb00b65374c1021db84cfd72b.exe

  • Size

    193KB

  • Sample

    241218-f59arawpbp

  • MD5

    8feaaa568f5738b665b1e0fb9a7e6f6e

  • SHA1

    f9e794ba8bfdd5bc282483447574e63b1fb96361

  • SHA256

    55e88cd765e0cb497c639c7aee4f8e7df4fc0dccb00b65374c1021db84cfd72b

  • SHA512

    267d8f3ef61d4dd409db4c4d34bfc1ed2b31eb459637880b33dbb4c3ceaa9a872f871f51ee27144b4f3accb198b62d89dc2786811aebad66dc4957bf2cca673d

  • SSDEEP

    3072:cR2xn3k0CdM1vabyzJYWqSBS9lc+pe0McUDwTgnJKc/qk:cR2J0LS6VDlVLMcebnd/qk

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile malware family that includes viruses, worms, and Trojans.

    • Ramnit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks