General

  • Target

    d30562f14158445c8c9141d3d515c70b79e1b35bd9820fbedef6e373fc774b64

  • Size

    277KB

  • Sample

    221011-v7ydlagafk

  • MD5

    6b18605075467a654300af5153d23a00

  • SHA1

    8c97e30c945ccb0c4ab7981fc0fb1c78c7dc3f7b

  • SHA256

    d30562f14158445c8c9141d3d515c70b79e1b35bd9820fbedef6e373fc774b64

  • SHA512

    3272111f1b95f74c4a12c9eebe07d9de23a0281b9e3367bda21da87661b96c243d016d2c93bb49f56d9af1c1b9812b8f8dfa091db97874ae34881bdc6e31447b

  • SSDEEP

    6144:1q5+zFvSFCiTGVnyA4sdQSCWYcowHIXky7i7bOjytTfLdhOctlrBm:1q45vLAGt3N2SuR7aOjytPOIrBm

Targets

    • Target

      d30562f14158445c8c9141d3d515c70b79e1b35bd9820fbedef6e373fc774b64

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)
