Overview

overview

10

Static

static

3

90a4863f51...58.dll

windows7-x64

10

90a4863f51...58.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90a4863f512db849123fec82349360150733176aa4553f21fe7e7203bc4e9958.exe

  • Size

    348KB

  • Sample

    241222-c31daaznb1

  • MD5

    7b6552dc6b72933be77d16a2b283a370

  • SHA1

    d806bf125245d9559bc607271293de0d09ad816a

  • SHA256

    90a4863f512db849123fec82349360150733176aa4553f21fe7e7203bc4e9958

  • SHA512

    62f2e0210fea77fbd2a95e4a95f1bcbb3b150eff00caf237efe1e59173b123ed9e948d8d127396f31fd32e134918ab77de42c7d53b6adc99fe680b332140ff54

  • SSDEEP

    3072:e2UxPvVKNiNz1a2JRC+Tq/KcULyqI4C0qI4hsr1hBb4hRxf:FGvQ4Nx9RHTVNLybAqIcmT8f

Score
10/10
ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      90a4863f512db849123fec82349360150733176aa4553f21fe7e7203bc4e9958.exe

    • Size

      348KB

    • MD5

      7b6552dc6b72933be77d16a2b283a370

    • SHA1

      d806bf125245d9559bc607271293de0d09ad816a

    • SHA256

      90a4863f512db849123fec82349360150733176aa4553f21fe7e7203bc4e9958

    • SHA512

      62f2e0210fea77fbd2a95e4a95f1bcbb3b150eff00caf237efe1e59173b123ed9e948d8d127396f31fd32e134918ab77de42c7d53b6adc99fe680b332140ff54

    • SSDEEP

      3072:e2UxPvVKNiNz1a2JRC+Tq/KcULyqI4C0qI4hsr1hBb4hRxf:FGvQ4Nx9RHTVNLybAqIcmT8f

    Score
    10/10
    ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Ramnit family

      ramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks