General
-
Target
2729edf1cd6c08ad3d2d3a9beda699ec07bb127b9ca89bc106a0629b2b6dd78b
-
Size
285KB
-
Sample
221123-r4madaad35
-
MD5
7cf9bc77059674faed62ee35f395f4da
-
SHA1
0f5ed423b42ccd084b4450883de8f85056cf15c5
-
SHA256
2729edf1cd6c08ad3d2d3a9beda699ec07bb127b9ca89bc106a0629b2b6dd78b
-
SHA512
54561e7ef77efb35b576420f26b0adb5ccc17ceba37aa38cb79bf7c9d1ae1077d3942a646ea97f5a3024e9e6a620ae3ae51a8af6e3f9723ac11db827e4dba465
-
SSDEEP
6144:zyS+l/3Lajdu8MqKIkYHZuZt9lsy3Q5W/4DjvVxKo2actl/K:Qd3LEdaqXk39myhwjvDKo2aI/K
Malware Config
Targets
-
-
Target
2729edf1cd6c08ad3d2d3a9beda699ec07bb127b9ca89bc106a0629b2b6dd78b
-
Size
285KB
-
MD5
7cf9bc77059674faed62ee35f395f4da
-
SHA1
0f5ed423b42ccd084b4450883de8f85056cf15c5
-
SHA256
2729edf1cd6c08ad3d2d3a9beda699ec07bb127b9ca89bc106a0629b2b6dd78b
-
SHA512
54561e7ef77efb35b576420f26b0adb5ccc17ceba37aa38cb79bf7c9d1ae1077d3942a646ea97f5a3024e9e6a620ae3ae51a8af6e3f9723ac11db827e4dba465
-
SSDEEP
6144:zyS+l/3Lajdu8MqKIkYHZuZt9lsy3Q5W/4DjvVxKo2actl/K:Qd3LEdaqXk39myhwjvDKo2aI/K
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-