General
-
Target
fa7eaa5c59411ad4c06f0f98ebbc7c444d8133fcfe98f7200c62e9686594387a
-
Size
1.1MB
-
Sample
221123-l23axsgc4w
-
MD5
55aaf5931e1f74b704044b846d2ffcdf
-
SHA1
1bf392fb69e3d76e4a105c8efe4ec2c9cab96e63
-
SHA256
fa7eaa5c59411ad4c06f0f98ebbc7c444d8133fcfe98f7200c62e9686594387a
-
SHA512
4ca8c392cb2c6db962df8cebb67cfaf9c0ee0f81e43dd9be058ff7cc2c851c4c9f4de8c264617293d32885b986e5dab3c030296237ea9ecd6f57c0702373bee8
-
SSDEEP
24576:t2O/Gl+L9i4SWzsCx592IRNHfOUED4RVPVI8Qyqd7FbO:sqn0IfHfOUEDAILyYhO
Malware Config
Targets
-
-
Target
fa7eaa5c59411ad4c06f0f98ebbc7c444d8133fcfe98f7200c62e9686594387a
-
Size
1.1MB
-
MD5
55aaf5931e1f74b704044b846d2ffcdf
-
SHA1
1bf392fb69e3d76e4a105c8efe4ec2c9cab96e63
-
SHA256
fa7eaa5c59411ad4c06f0f98ebbc7c444d8133fcfe98f7200c62e9686594387a
-
SHA512
4ca8c392cb2c6db962df8cebb67cfaf9c0ee0f81e43dd9be058ff7cc2c851c4c9f4de8c264617293d32885b986e5dab3c030296237ea9ecd6f57c0702373bee8
-
SSDEEP
24576:t2O/Gl+L9i4SWzsCx592IRNHfOUED4RVPVI8Qyqd7FbO:sqn0IfHfOUEDAILyYhO
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-