General

  • Target

    8ae0490cfd0e001a1c4dd6067658293554db517ab63187298fd88ea26607b130

  • Size

    522KB

  • Sample

    220625-lwebxahfg2

  • MD5

    be9a003009955a22915d86ad735abbef

  • SHA1

    023f05b1214e3776f48c53f42b58febba97ca77f

  • SHA256

    8ae0490cfd0e001a1c4dd6067658293554db517ab63187298fd88ea26607b130

  • SHA512

    f19fb8aff431c8e5204d7f9d5176aac7e7e6d011e2dda8eaa54b98f8be1676388412484c2af6d7b51088e8e4352bba4f6f1f5d3fbeee6de6640bdc6f5052e67e

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
