General

  • Target

    35ff2888fadc04bb8184f63f89f5c202345dd57621ff3f3875b9658abe945a7b

  • Size

    523KB

  • Sample

    220626-2byg2segf3

  • MD5

    41a3e0dd6ab0f5f9539fb73d240c0a2d

  • SHA1

    adfc196561eedc3ae9eb93a0a804934e5d971a05

  • SHA256

    35ff2888fadc04bb8184f63f89f5c202345dd57621ff3f3875b9658abe945a7b

  • SHA512

    c103ddcfabd7bd01537a34ef9766485fb7d47af183e20f5e87b54420a100626b13cd65b83c2d07abf76ae2df1813c200b4547e61ba6956134a232680a3a6cda6

Score
10/10

Malware Config

Targets

    • Target

      35ff2888fadc04bb8184f63f89f5c202345dd57621ff3f3875b9658abe945a7b

    • Size

      523KB

    • MD5

      41a3e0dd6ab0f5f9539fb73d240c0a2d

    • SHA1

      adfc196561eedc3ae9eb93a0a804934e5d971a05

    • SHA256

      35ff2888fadc04bb8184f63f89f5c202345dd57621ff3f3875b9658abe945a7b

    • SHA512

      c103ddcfabd7bd01537a34ef9766485fb7d47af183e20f5e87b54420a100626b13cd65b83c2d07abf76ae2df1813c200b4547e61ba6956134a232680a3a6cda6

    Score
    10/10
    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check (the sample decides whether to run based on the victim's configured country).

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
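The "Checks computer location settings" signature above fires on registry reads of the configured country. The following is an added example, not part of this report and not the sandbox's own detection code: it runs the same check over a sandbox-style API trace and flags queries against the Windows International settings keys (HKCU\Control Panel\International\Geo with its Nation/Name values, and HKCU\Control Panel\International with sCountry/Locale/LocaleName). The trace line format, the process id and the values in the sample are constructed for the example; the GeoID 244 is the documented value for the United States.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Registry keys (relative to the hive) and value names that reveal the
# configured country. Names are lowercased because registry lookups are
# case-insensitive. Paths are the documented Windows International settings.
GEO_KEYS = {
    key.lower(): {v.lower() for v in values}
    for key, values in {
        r"Control Panel\International\Geo": {"Nation", "Name"},
        r"Control Panel\International": {"sCountry", "Locale", "LocaleName"},
    }.items()
}

# Constructed sample of a registry API trace (assumed format, not from the report).
SAMPLE_TRACE = """\
pid=2816 RegOpenKeyExW hKey=HKEY_CURRENT_USER subkey="Control Panel\\International\\Geo" -> 0
pid=2816 RegQueryValueExW hKey=HKEY_CURRENT_USER subkey="Control Panel\\International\\Geo" value="Nation" data="244"
pid=2816 RegOpenKeyExW hKey=HKEY_CURRENT_USER subkey="Software\\Microsoft\\Windows\\CurrentVersion\\Run" -> 0
pid=2816 RegQueryValueExW hKey=HKEY_CURRENT_USER subkey="Control Panel\\International" value="sCountry" data="United States"
pid=2816 RegQueryValueExW hKey=HKEY_LOCAL_MACHINE subkey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" value="ProductName" data="Windows 10 Pro"
"""

LINE_RE = re.compile(
    r'pid=(?P<pid>\d+) (?P<api>\w+) hKey=(?P<hive>\w+) subkey="(?P<subkey>[^"]*)"'
    r'(?: value="(?P<value>[^"]*)")?(?: data="(?P<data>[^"]*)")?'
)


@dataclass
class GeoQuery:
    pid: int
    api: str
    hive: str
    subkey: str
    value: Optional[str]   # None for a bare RegOpenKeyExW on the key
    data: Optional[str]    # value data as reported by the trace, if any


def find_geofence_queries(trace: str) -> List[GeoQuery]:
    """Return every registry call in the trace that touches a country-revealing key/value."""
    hits: List[GeoQuery] = []
    for line in trace.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                       # not a registry call in the expected format
        watched = GEO_KEYS.get(m["subkey"].lower())
        if watched is None:
            continue                       # key is not one of the location keys
        value = m["value"]
        # Opening the key itself counts (it precedes the value query); a value
        # query only counts when the value name is one of the watched names.
        if value is not None and value.lower() not in watched:
            continue
        hits.append(GeoQuery(int(m["pid"]), m["api"], m["hive"], m["subkey"], value, m["data"]))
    return hits


def observed_country_values(hits: List[GeoQuery]) -> Dict[str, str]:
    """Collect the country-related data the sample actually read, keyed by value name."""
    return {h.value: h.data for h in hits if h.value is not None and h.data is not None}


if __name__ == "__main__":
    found = find_geofence_queries(SAMPLE_TRACE)
    for h in found:
        print(f"pid {h.pid}: {h.api} {h.hive}\\{h.subkey} value={h.value!r} data={h.data!r}")
    print("country data read:", observed_country_values(found))
```

A real sandbox trace will use its own line format, so LINE_RE is the part to adapt; the key/value table is what encodes the signature. Note that a read of these keys is common in benign software too, so on its own this is a weak indicator; the report scores it in combination with the RAT family match and the SetThreadContext use.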

MITRE ATT&CK Enterprise v6

Tasks