General

  • Target

    36366a704a79506f67dd9d0641b6da262f17aaeae25b1b4e69514d3302aa450a

  • Size

    2.4MB

  • Sample

    221123-lnebyabg72

  • MD5

    8153645c943f751ada0e6c5bc7889b3a

  • SHA1

    1508d80e2a596a334e3b805d24ad9bd12278c117

  • SHA256

    36366a704a79506f67dd9d0641b6da262f17aaeae25b1b4e69514d3302aa450a

  • SHA512

    418eba15af2b9a27a1cc88ed963047cef1e312686076f74033c6a0bd29d2f7c78e5876dd602adc12ede45d4380989ce57203f068e35042380e11796418d371ad

  • SSDEEP

    24576:D89z7zB5kXOt0TPEG2Ah0OcPbPaQq2CiB6oeWOvc9e2Nt2mkZQxSooqm3tKfyGO7:o9zfqd

Malware Config

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks