General

  • Target

    1844736c9adbe4513f56f0790427ffc64f68bcd51b0d86ebf683388ed6d74feb

  • Size

    320KB

  • Sample

    220608-wjgllseec4

  • MD5

    4220a0e8153d9bec257da70683c42cb4

  • SHA1

    ad5ada0f306bb4e77bbbc3c274fd3a338a2c39e4

  • SHA256

    1844736c9adbe4513f56f0790427ffc64f68bcd51b0d86ebf683388ed6d74feb

  • SHA512

    5fcc3cb36f0d158e3ff41caf026c6da6ee95fc07d8e993b09594d3a4065dec7f16bb68eb45f2deb25e115c3aefffd6164daa9cd3c308548b1e306b42a72b9e26

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
