General

  • Target

    663d595bbc7b7b44651fcaeffb0e4f0679f6e042b448184a0ba55543b0341653

  • Size

    321KB

  • Sample

    220724-ya74badge2

  • MD5

    3be4f1947efeb4143f7e3b951f6649b5

  • SHA1

    00e53e73138d821fb911560fa220159522633249

  • SHA256

    663d595bbc7b7b44651fcaeffb0e4f0679f6e042b448184a0ba55543b0341653

  • SHA512

    ed30e0265a8e9286da36c3e5a90f62a5be0b87b3587923285aa255be89c60145780d535ec141b2948a868a89709dad56552512ecfe6f3900ea3d0a001001d567

Score
10/10

Malware Config

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
