General

  • Target

    2188f5a214a324667b5a3f1eab091c9b3f6a92755b76613c215eff924df70c8a

  • Size

    321KB

  • Sample

    220612-j7eeyahdf4

  • MD5

    76f4437bbb7ea924e9cda33dec2919d3

  • SHA1

    8befc8b4ce0266dec8e2e1d6e9aec882f1ae358e

  • SHA256

    2188f5a214a324667b5a3f1eab091c9b3f6a92755b76613c215eff924df70c8a

  • SHA512

    b9a0882e07ee5c81444b5d57b69fa628cfe86d08a54e6df5d317444ba64334ef33f265540dcf3b231368ce505ac1bb9fe6b2f0a74b0b307a62d4f885821a1acf

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application
