General

  • Target

    031c9a8ee79ced6fc22d723a41ddbd3d57a9003001dbcc0eaf693f9e4f59bc48

  • Size

    413KB

  • Sample

    221029-hde9psfbbr

  • MD5

    d2dceadcd333cb893138bdeb7e98442c

  • SHA1

    1a061876af7f541ad9c5dc93acc429db3157abc7

  • SHA256

    031c9a8ee79ced6fc22d723a41ddbd3d57a9003001dbcc0eaf693f9e4f59bc48

  • SHA512

    0357625c6d18fb08777436969baf2eb1bf574dc412a4de0e05a14163e9eea6b15e7b9e0ae4763298405c076d02c9f7c952ec3b89a2f820bc4939fa3f299c9a93

  • SSDEEP

    6144:guv+Fddb+BBoXWOsu72e97HTtlRHSK1PMLNmfPgNfImkTfti3Mpm8vQgZd+Wv:T2aBo/HVSIPMLvQm2w3Mpm8vQgZd+Wv

Malware Config

Targets

    • Target

      031c9a8ee79ced6fc22d723a41ddbd3d57a9003001dbcc0eaf693f9e4f59bc48

    • Size

      413KB

    • MD5

      d2dceadcd333cb893138bdeb7e98442c

    • SHA1

      1a061876af7f541ad9c5dc93acc429db3157abc7

    • SHA256

      031c9a8ee79ced6fc22d723a41ddbd3d57a9003001dbcc0eaf693f9e4f59bc48

    • SHA512

      0357625c6d18fb08777436969baf2eb1bf574dc412a4de0e05a14163e9eea6b15e7b9e0ae4763298405c076d02c9f7c952ec3b89a2f820bc4939fa3f299c9a93

    • SSDEEP

      6144:guv+Fddb+BBoXWOsu72e97HTtlRHSK1PMLNmfPgNfImkTfti3Mpm8vQgZd+Wv:T2aBo/HVSIPMLvQm2w3Mpm8vQgZd+Wv

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks