General

  • Target

    9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d

  • Size

    867KB

  • Sample

    220625-lfnweaegek

  • MD5

    8cd4959a5cd09b4c4192bf1c1a3a796f

  • SHA1

    b59225976d8197e38cb5bc1d13b8a5ed1d0a25c9

  • SHA256

    9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d

  • SHA512

    b1c92e532dbb3d5a1d57845d48694c9087c1a02b713700194593a4b22745366003c61ed3278fcb8276355a7996d276559ba6eb108306fd9417fcf2a5ad2b7d71

Score
10/10

Targets

    • Target

      9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
