Overview

overview

10

Static

static

Trojan-Ran...er.exe

windows7-x64

10

Trojan-Ran...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trojan-Ransom.Win32.Blocker.gbgl-614bfb4d7d1d87501ba90ca4c7feaf9c5027a7716b30377a6666e3cfa928bdb3

  • Size

    357KB

  • Sample

    221106-17nr2sgafj

  • MD5

    60a68fd68e8dfb3217f16c9ea32f3a89

  • SHA1

    5e1f336aaeec0904161aa4c8a0602bb40f337b40

  • SHA256

    614bfb4d7d1d87501ba90ca4c7feaf9c5027a7716b30377a6666e3cfa928bdb3

  • SHA512

    8b50263f5e9d76a8f20e852ce2df41cdd5f847861605ef9eeeab6a58e41986a7e9795e0d5e98abc3dbbf6b31dc051c6b930de68746235d33632632891c114bd4

  • SSDEEP

    6144:LFjUKbBhpFGOr3LHzwAgjJSHNDLA+L7jm6IeiEd2BzpCXZgrulky:LFQGH/7LHUAgjJSJfnjmNfzpoZgr9

Score
10/10
imminentspywaretrojan

Malware Config

Targets

    • Target

      Trojan-Ransom.Win32.Blocker.gbgl-614bfb4d7d1d87501ba90ca4c7feaf9c5027a7716b30377a6666e3cfa928bdb3

    • Size

      357KB

    • MD5

      60a68fd68e8dfb3217f16c9ea32f3a89

    • SHA1

      5e1f336aaeec0904161aa4c8a0602bb40f337b40

    • SHA256

      614bfb4d7d1d87501ba90ca4c7feaf9c5027a7716b30377a6666e3cfa928bdb3

    • SHA512

      8b50263f5e9d76a8f20e852ce2df41cdd5f847861605ef9eeeab6a58e41986a7e9795e0d5e98abc3dbbf6b31dc051c6b930de68746235d33632632891c114bd4

    • SSDEEP

      6144:LFjUKbBhpFGOr3LHzwAgjJSHNDLA+L7jm6IeiEd2BzpCXZgrulky:LFQGH/7LHUAgjJSJfnjmNfzpoZgr9

    Score
    10/10
    imminentspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks