General

  • Target

    f6459706021fa22c5bdbe89cccd6f7313932d6021b50a5e292c4cad9039cd747N.exe

  • Size

    136KB

  • Sample

    250104-jf6p4szkhw

  • MD5

    5a3970c39f090d1a289ce5c86a6ce2b0

  • SHA1

    548ff3d32f22bf63e8e53670177e637b888d42e7

  • SHA256

    f6459706021fa22c5bdbe89cccd6f7313932d6021b50a5e292c4cad9039cd747

  • SHA512

    21bacd2d03069ffac291f61aa4bbd17e278b4972145c2e99e09b1d5e860e2cc427ddbe28f278566ccce3341903e70eae6e38445f0a70fda9dd6ddacc49ebfe28

  • SSDEEP

    3072:RkZrg1P6DGxO144swW5K5XRNLPz41lk2:WBGxm/W5SXRr2

Targets

    • Modifies firewall policy service

    • Ramnit

      Ramnit is a versatile malware family that encompasses viruses, worms, and Trojans.

    • Ramnit family

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15