General
-
Target
402d6e68600b71eadd5fde2239363287962525935c0639f0a149bf6a9e04945c
-
Size
271KB
-
Sample
221123-rvlbqahe87
-
MD5
c238b0d3cdd6ca72003e01b29bf3ddf7
-
SHA1
26ebb8833981cadd288f579fc0a75d24a9faecaf
-
SHA256
402d6e68600b71eadd5fde2239363287962525935c0639f0a149bf6a9e04945c
-
SHA512
d406a5bf8c19d7b82c9610639254fc40a224156c81e9fee2de34af9731648436291a8cb3b1769706b58d0744e23b30cf1b156214380ad177b67bccece4a5246d
-
SSDEEP
6144:ErL9IN25Y5iBsxchLMQq3BdqpIfnquBIK2l/3Hctlff:EL9IkUms6FnqRiuSl/XIff
Malware Config
Targets
-
-
Target
402d6e68600b71eadd5fde2239363287962525935c0639f0a149bf6a9e04945c
-
Size
271KB
-
MD5
c238b0d3cdd6ca72003e01b29bf3ddf7
-
SHA1
26ebb8833981cadd288f579fc0a75d24a9faecaf
-
SHA256
402d6e68600b71eadd5fde2239363287962525935c0639f0a149bf6a9e04945c
-
SHA512
d406a5bf8c19d7b82c9610639254fc40a224156c81e9fee2de34af9731648436291a8cb3b1769706b58d0744e23b30cf1b156214380ad177b67bccece4a5246d
-
SSDEEP
6144:ErL9IN25Y5iBsxchLMQq3BdqpIfnquBIK2l/3Hctlff:EL9IkUms6FnqRiuSl/XIff
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-