General

  • Target

    mykings.exe

  • Size

    514KB

  • Sample

    221019-dlp2nafagp

  • MD5

    7b1536fea767c01956cefca4b3e2da23

  • SHA1

    3e76a59e3b9e70410948ff6bd9d7f3374d295d26

  • SHA256

    220745aef5e98325145f8598d36a4684788f2be0d5f654c1345cb999c40b1ddf

  • SHA512

    50ce4356a842a57705142b233528ff5fae6b716e8861cede95dab3dccb3db10e1e53f21d5bd9fec6225e798773b6f88c5258fae356997486a4fba4b929f586ec

  • SSDEEP

    12288:OLEgAabY972Sl4RNYZ/eQf537xIa9cpn5ygWFdfLPxF:OC8CyK4LYdFx3725/

Score
10/10

Targets

    • Target

      mykings.exe

    Score
    10/10
    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
