Analysis
-
max time kernel
151s -
max time network
155s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
21/06/2022, 15:35
General
-
Target
30449bfeadea349eaf0db0fe35c8f03a2045c4e11c2f2f96b7e12eb1ac95f16f.exe
-
Size
324KB
-
MD5
7366fd7818e4a03712721d61a3229d3c
-
SHA1
452f53623d0b7a1045a72fe00e8a2d6077d4c8a1
-
SHA256
30449bfeadea349eaf0db0fe35c8f03a2045c4e11c2f2f96b7e12eb1ac95f16f
-
SHA512
4994afa27896fb4304980474ff0a5d064ebfc5294bbc5f56f5c84113cbb368e31879a2e13aa23ee5a2b64b0232d33b2f84e23c9cefef436a76a3decd88207884
Score
10/10
Malware Config
Signatures
-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 3 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\30449bfeadea349eaf0db0fe35c8f03a2045c4e11c2f2f96b7e12eb1ac95f16f.exe"C:\Users\Admin\AppData\Local\Temp\30449bfeadea349eaf0db0fe35c8f03a2045c4e11c2f2f96b7e12eb1ac95f16f.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\wbem\WmiApSrv.exeC:\Windows\system32\wbem\WmiApSrv.exe1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
5.7MB
-
Filesize
5.7MB