General
-
Target
db3d8735d2ca09e5121050315622bc13f175b4dbf4a2f1033a9a53fc81c02dec
-
Size
457KB
-
Sample
221123-syz5qaff7s
-
MD5
0243c5e1b104b582816043b410921bb0
-
SHA1
2e185966a790f5d621d309d84e5f4e64e6c4782c
-
SHA256
db3d8735d2ca09e5121050315622bc13f175b4dbf4a2f1033a9a53fc81c02dec
-
SHA512
6d7f718036c8c7dd306408e072199c4261aa72e7e41cdb7b7b8e88697641b43918d04d56d9ad2b2a7097043ad5f26a56c8ff41b62be04d131a3c83a1c3fa8efc
-
SSDEEP
6144:JbeZ3OkIDFxZ683VHyjIVYc95+e0bnMRZdRA/DSgMfp5jOS8cgGYE9b9qCDaf:JMe5xZ6+JVYc9erbPmTjOS6jYe
Malware Config
Targets
-
-
Target
db3d8735d2ca09e5121050315622bc13f175b4dbf4a2f1033a9a53fc81c02dec
-
Size
457KB
-
MD5
0243c5e1b104b582816043b410921bb0
-
SHA1
2e185966a790f5d621d309d84e5f4e64e6c4782c
-
SHA256
db3d8735d2ca09e5121050315622bc13f175b4dbf4a2f1033a9a53fc81c02dec
-
SHA512
6d7f718036c8c7dd306408e072199c4261aa72e7e41cdb7b7b8e88697641b43918d04d56d9ad2b2a7097043ad5f26a56c8ff41b62be04d131a3c83a1c3fa8efc
-
SSDEEP
6144:JbeZ3OkIDFxZ683VHyjIVYc95+e0bnMRZdRA/DSgMfp5jOS8cgGYE9b9qCDaf:JMe5xZ6+JVYc9erbPmTjOS6jYe
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-