General
-
Target
454f9af37fe145ffc233b3e24eec3e43098e1d0186ac2deadffbae2addb05a1d
-
Size
385KB
-
Sample
221123-rsw1fahd74
-
MD5
04cfc2135b1bf2061b5893d826536a23
-
SHA1
af152c1d257812a315c4e36bb71b871f09bfa47c
-
SHA256
454f9af37fe145ffc233b3e24eec3e43098e1d0186ac2deadffbae2addb05a1d
-
SHA512
b364b7f53eeeee263a7f1687cb1a55428ec5d2d99b5698d05cc0f67b674314a693bd9b49f4b122f3d333354a978f81d109345b1d074737f30aadbb7067834335
-
SSDEEP
6144:g5GxLm5HeuV6VeAJiGE5+I6e2aD+4B6htvOi/+k/Igk2b3LQlwkGnTLELguh9NbE:ikLIHFLAMGEBUq+uluggkC7QifTLULbE
Malware Config
Targets
-
-
Target
454f9af37fe145ffc233b3e24eec3e43098e1d0186ac2deadffbae2addb05a1d
-
Size
385KB
-
MD5
04cfc2135b1bf2061b5893d826536a23
-
SHA1
af152c1d257812a315c4e36bb71b871f09bfa47c
-
SHA256
454f9af37fe145ffc233b3e24eec3e43098e1d0186ac2deadffbae2addb05a1d
-
SHA512
b364b7f53eeeee263a7f1687cb1a55428ec5d2d99b5698d05cc0f67b674314a693bd9b49f4b122f3d333354a978f81d109345b1d074737f30aadbb7067834335
-
SSDEEP
6144:g5GxLm5HeuV6VeAJiGE5+I6e2aD+4B6htvOi/+k/Igk2b3LQlwkGnTLELguh9NbE:ikLIHFLAMGEBUq+uluggkC7QifTLULbE
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-