Overview

overview

10

Static

static

826b231478...49.exe

windows7-x64

10

826b231478...49.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    826b23147852b5b70787d19ba576e73e424387ee27b254263cab5696f0923849

  • Size

    271KB

  • Sample

    221125-jd4sqsbc39

  • MD5

    46a0a1ecb232c97395a660d850a99f56

  • SHA1

    ad8f0ab92f79b21a9ef3e5b73dbe988cdadf9fec

  • SHA256

    826b23147852b5b70787d19ba576e73e424387ee27b254263cab5696f0923849

  • SHA512

    f7534fc7142ccba6cf945f07f0453c9a950654b1ae1cec743e99e852da77556eb772e61d0aa91fa5cb75efb1e84d37298bc9d22ec0233d7603048ce2e93ec695

  • SSDEEP

    6144:ucMZlCkk5EEeAN6toiBR47/j8Z0nIaorVWRF8OL2PDYctl1:bMZlC6O6peK0nerVWRaW2PDYI1

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      826b23147852b5b70787d19ba576e73e424387ee27b254263cab5696f0923849

    • Size

      271KB

    • MD5

      46a0a1ecb232c97395a660d850a99f56

    • SHA1

      ad8f0ab92f79b21a9ef3e5b73dbe988cdadf9fec

    • SHA256

      826b23147852b5b70787d19ba576e73e424387ee27b254263cab5696f0923849

    • SHA512

      f7534fc7142ccba6cf945f07f0453c9a950654b1ae1cec743e99e852da77556eb772e61d0aa91fa5cb75efb1e84d37298bc9d22ec0233d7603048ce2e93ec695

    • SSDEEP

      6144:ucMZlCkk5EEeAN6toiBR47/j8Z0nIaorVWRF8OL2PDYctl1:bMZlC6O6peK0nerVWRaW2PDYI1

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks