Ramnit_Banker_IOCs_14-01-2019

1. #Ramnit #Banking #Malware
2. -----------------------------------
3. 14-01-2019 IOC's
4. -----------------------------------
5. Main object- "3e0d9685c8e0bf52b13f2330a3167b049ba3da137da7a54483b7fd42018c5e5e.bin.gz"
6. sha256 282fda3a8ffa0c48d3781b5059b79f6df3b61e9b18528b15daa1f53b5d91f3a0
7. sha1 2d422ef1b945a3196be3408db031d865d331babf
8. md5 8d82b9754d9977bef35bd99a380af256
9. Dropped executable file
10. sha256 C:\Users\admin\Desktop\3e0d9685c8e0bf52b13f2330a3167b049ba3da137da7a54483b7fd42018c5e5e.bin.gz 3e0d9685c8e0bf52b13f2330a3167b049ba3da137da7a54483b7fd42018c5e5e
11. DNS requests
12. domain domthreefreesite.com
13. Connections
14. ip 95.46.8.133
15. -----------------------------------
16. Report:
17. https://any.run/report/282fda3a8ffa0c48d3781b5059b79f6df3b61e9b18528b15daa1f53b5d91f3a0/a56d60c2-7c15-49eb-848f-aab5a369451b