Overview

overview

10

Static

static

3

6a943da455...2N.dll

windows7-x64

10

6a943da455...2N.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a943da45561b89e7a60cdcea899249b13c35ab202648b15500a0ec236a66b32N.exe

  • Size

    184KB

  • Sample

    241222-bxj9faxrbp

  • MD5

    a4df67495a3e8a90b8626f38c0b95320

  • SHA1

    3d97b8da469fc943f3ce07a4630e9fb110192b53

  • SHA256

    6a943da45561b89e7a60cdcea899249b13c35ab202648b15500a0ec236a66b32

  • SHA512

    db6386f2fef84785a46706eabebb5bd2b1b89d62f72551ebf8318ca74bd9320ef78d955e93af21e54411986bed41b0f1293db649b92c26fea636b7cca8ba94e3

  • SSDEEP

    3072:jn4cV8gf2u41Z5tKlw+riClf+gfjxbfkhbN:L4y8gOl2zrhlf++xYhh

Score
10/10
ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      6a943da45561b89e7a60cdcea899249b13c35ab202648b15500a0ec236a66b32N.exe

    • Size

      184KB

    • MD5

      a4df67495a3e8a90b8626f38c0b95320

    • SHA1

      3d97b8da469fc943f3ce07a4630e9fb110192b53

    • SHA256

      6a943da45561b89e7a60cdcea899249b13c35ab202648b15500a0ec236a66b32

    • SHA512

      db6386f2fef84785a46706eabebb5bd2b1b89d62f72551ebf8318ca74bd9320ef78d955e93af21e54411986bed41b0f1293db649b92c26fea636b7cca8ba94e3

    • SSDEEP

      3072:jn4cV8gf2u41Z5tKlw+riClf+gfjxbfkhbN:L4y8gOl2zrhlf++xYhh

    Score
    10/10
    ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks