General

  • Target

    1e23bbbc5a3883083984f90130b842709bbdda27370f33190c7637373eab94ab

  • Size

    320KB

  • Sample

    220612-11xrdahcel

  • MD5

    bcfb9b84aba103a8b57e20b3cb9559ba

  • SHA1

    a114b061796f259e86601ec82fe453d280036f36

  • SHA256

    1e23bbbc5a3883083984f90130b842709bbdda27370f33190c7637373eab94ab

  • SHA512

    e852ec7807fa061a9fbb8abb9033e4521e0c130a6de4953d0b6673fd6d420fa7102a51c18892c19b898abd38a78cf394a54a09a6030d37594f7a3088eed4bec0

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
