General

  • Target

    4113c08ece27222792b8f30a839b048c58f368310e53e9a0c370cf4fe273048a

  • Size

    323KB

  • Sample

    220708-hr2d4agce2

  • MD5

    9f6280e968e206b05dff51bcdef3e271

  • SHA1

    8502f1e1f2c509c6d27c436607c395be70d6921c

  • SHA256

    4113c08ece27222792b8f30a839b048c58f368310e53e9a0c370cf4fe273048a

  • SHA512

    1a659ff539263afef7c4ef03a1c0eeefef1d7db082b0b55a93bbff1a0d3cf6a021b9a8082689ec6d31b32e5de1f1d2d65910fe19d25bb04c695c27aeb0481d53

Score
10/10

Targets

    • Target

      svchost.exe

    • Size

      421KB

    • MD5

      cd53aaba4ef4f8f8b8334e376755e75b

    • SHA1

      9bb985ee239f963cdcdf3910680a1564d0db6524

    • SHA256

      b0480be94b4504dcbd0463cb69acc97609cdd49b1cead7a6c8b6843180815aff

    • SHA512

      1ca4dd845e582f7e8af517ad094262a55fadbed2cc2c136050f04cb4220223c9b970cb6da6702362b24e5d2acfc262272486692cf29b2d90044f9c6564f32ff3

    Score
    10/10
    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops desktop.ini file(s)
