General

  • Target

    6f9587dc0858a61e3b691c3279abed22444ea095cf99b3653bedb63e357cec3a

  • Size

    322KB

  • Sample

    220701-gjt5daefej

  • MD5

    5facc81dd393a13770c9051558b55c3b

  • SHA1

    eb22872bb2a24200461ffbfe0821e45d9b0e0a0a

  • SHA256

    6f9587dc0858a61e3b691c3279abed22444ea095cf99b3653bedb63e357cec3a

  • SHA512

    fb8ae3b46a62193f61b778c1250e3a98a2ede970d50ec403131cd22035f81dc2234b896cf8c97217b9c647fa79342ac600527ecc76f1d5a9fddc0745bdad570e

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL
