General
-
Target
163f2d72641ebc0540a210a0e5044ed0efacd8411c96a404c26b005ab4595394.exe
-
Size
716KB
-
Sample
250112-gt9b2szlew
-
MD5
898d4a355966427390fe62455650b64d
-
SHA1
1c424cfbfaf500971b0e6441200cf200e690f616
-
SHA256
163f2d72641ebc0540a210a0e5044ed0efacd8411c96a404c26b005ab4595394
-
SHA512
c9f2fd09e902044d652af2b93323225f86d551c6d9f975c93d34bae79c8cfa977489a29ea5ac3f95428b1d29d8151e301f2e9f07f1363752796616c6568393e4
-
SSDEEP
12288:TvqSyJda/aulZAuYL901/gWxiEGwyCoq/MsLAV:jUJdaLbY+oGiiX/FAV
Malware Config
Targets
-
-
Target
163f2d72641ebc0540a210a0e5044ed0efacd8411c96a404c26b005ab4595394.exe
-
Size
716KB
-
MD5
898d4a355966427390fe62455650b64d
-
SHA1
1c424cfbfaf500971b0e6441200cf200e690f616
-
SHA256
163f2d72641ebc0540a210a0e5044ed0efacd8411c96a404c26b005ab4595394
-
SHA512
c9f2fd09e902044d652af2b93323225f86d551c6d9f975c93d34bae79c8cfa977489a29ea5ac3f95428b1d29d8151e301f2e9f07f1363752796616c6568393e4
-
SSDEEP
12288:TvqSyJda/aulZAuYL901/gWxiEGwyCoq/MsLAV:jUJdaLbY+oGiiX/FAV
Score10/10-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Ramnit family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-