General

  • Target

    fc8c3adbe5d8951e7c078230ac179a27188edd0bd304b1713119dab42c6a8362

  • Size

    1016KB

  • Sample

    221029-pgqm6sgagp

  • MD5

    75ed9790ee27e9d3fccee9c2ab3a413a

  • SHA1

    65d94cde9b36063a61f0a90426e59a68f943d2cd

  • SHA256

    fc8c3adbe5d8951e7c078230ac179a27188edd0bd304b1713119dab42c6a8362

  • SHA512

    3baf355fdfd3462ec4778696b71437b6a3a5e8d55e9013fcad0c93b8de6f3bc393e905e709c1df9609cbb83a8f020900d84daa4befcc487aa1ce7d8581545844

  • SSDEEP

    24576:BJviR+k4+sNEJiMSnpXqe3lM4wrEYAOjD:BFiHdiEJ1cpFV2QbO

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext