Overview

overview

10

Static

static

ef4b3ffc69...f6.exe

windows7-x64

10

ef4b3ffc69...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6

  • Size

    272KB

  • Sample

    221125-26fkqadg32

  • MD5

    e87802adc9385a9960d4d505bf9777ee

  • SHA1

    8acf181bcd2aa1288d454c980ceb67df235f8b07

  • SHA256

    ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6

  • SHA512

    ab1638215883d084a78471a0594be0e062d521e13231e495b17266dd5317c3af590153c4ef813d173c14afd70e9528499b3387a6ab0e2445ebf17cef2ba3548b

  • SSDEEP

    6144:/DzXdjKLCXJnmlrroy1pvj7WjDiuFCNBL/Yctlm:fJgCXJnmVnbXWjOGu1AIm

Score
10/10
imminentspywaretrojan

Malware Config

Targets

    • Target

      ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6

    • Size

      272KB

    • MD5

      e87802adc9385a9960d4d505bf9777ee

    • SHA1

      8acf181bcd2aa1288d454c980ceb67df235f8b07

    • SHA256

      ef4b3ffc69ecf69409ae39f13507a9b4ad8aa010e6b1bf90080375031fc3ccf6

    • SHA512

      ab1638215883d084a78471a0594be0e062d521e13231e495b17266dd5317c3af590153c4ef813d173c14afd70e9528499b3387a6ab0e2445ebf17cef2ba3548b

    • SSDEEP

      6144:/DzXdjKLCXJnmlrroy1pvj7WjDiuFCNBL/Yctlm:fJgCXJnmVnbXWjOGu1AIm

    Score
    10/10
    imminentspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks