General

  • Target

    c4ee35c5a13033a9adc0da1c99c9b4bbc9a7572ca4e697fa6868a8b44ff1987a

  • Size

    637KB

  • Sample

    221030-n9zk4saac8

  • MD5

    84feedb206ce6f56fcbea63636597780

  • SHA1

    7563c8c9531b872b787190a0cdb6fc168a3117ab

  • SHA256

    c4ee35c5a13033a9adc0da1c99c9b4bbc9a7572ca4e697fa6868a8b44ff1987a

  • SHA512

    1852cbaf9ce05f0539a160180ff0d2be4f75a1ea14d7acfa805402afd68e557cf600faab94877d619e40bffbf15002e8855c095829cb45902eef06369c2506ed

  • SSDEEP

    12288:+CPBprQ64gRZR6WRgb14aB1BveN14I8RotUP6fUsSO:jZprXPR3xKr4qktUPcS

Score
10/10

Targets

    • Target

      c4ee35c5a13033a9adc0da1c99c9b4bbc9a7572ca4e697fa6868a8b44ff1987a

    Score
    10/10
    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
