General
-
Target
8cafe642dbe02d9f2fc284e7deaa9e40ccc317091340b2a9e79b33f5daeb5f7c
-
Size
272KB
-
Sample
221126-21sm4afb4y
-
MD5
36ba0cb1e5fbbcf2f0243e376ebe2b2e
-
SHA1
36e4a649cdd7101a8096470c66a3a30b6e9e6144
-
SHA256
8cafe642dbe02d9f2fc284e7deaa9e40ccc317091340b2a9e79b33f5daeb5f7c
-
SHA512
b57f36302711e82327b8eb5ad2adf8ec4ff00efa2867b23ecf12b8411ced1b8dba11ac8a9faf6aac150925febab00468f513eb5f520a19d2cfaee4d8172f2b61
-
SSDEEP
6144:x81ynrsr6WJOeF/5kZMKZSDVZ6g7LaIQ4VRlxr3N3ctlTY:urdJOsvVZL3Q4nHrxITY
Malware Config
Targets
-
-
Target
8cafe642dbe02d9f2fc284e7deaa9e40ccc317091340b2a9e79b33f5daeb5f7c
-
Size
272KB
-
MD5
36ba0cb1e5fbbcf2f0243e376ebe2b2e
-
SHA1
36e4a649cdd7101a8096470c66a3a30b6e9e6144
-
SHA256
8cafe642dbe02d9f2fc284e7deaa9e40ccc317091340b2a9e79b33f5daeb5f7c
-
SHA512
b57f36302711e82327b8eb5ad2adf8ec4ff00efa2867b23ecf12b8411ced1b8dba11ac8a9faf6aac150925febab00468f513eb5f520a19d2cfaee4d8172f2b61
-
SSDEEP
6144:x81ynrsr6WJOeF/5kZMKZSDVZ6g7LaIQ4VRlxr3N3ctlTY:urdJOsvVZL3Q4nHrxITY
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-