General

  • Target

    4a09d7c4b6d0aeca66f2c122dfb87d962de77a7916152dc0f4c73dc6a3c65562

  • Size

    292KB

  • Sample

    221029-g3lx4sdhg3

  • MD5

    b5707c99e8efb84b4c4e241e59b213b1

  • SHA1

    f679f3871f61771d6ce979483d41c8033f06ef2d

  • SHA256

    4a09d7c4b6d0aeca66f2c122dfb87d962de77a7916152dc0f4c73dc6a3c65562

  • SHA512

    1d9496be34428d51bc4f297919b462b98027b049b184ee3acc6cf4139b70d4e242745d72d8dc94cdc3875ce3a6d3a88ad68df0f1e263d90b4db8780288bec7d1

  • SSDEEP

    6144:E0I5pAVaHnVtoNSWelUZ54Cv2zznu+hTUH0qqIuAC0mx8TCvOxf72wrX+USctl:E0I5qCnvxWOa54KGK+r8hQe7iwrX+USI

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application
