General
-
Target
fdc5e4acc0deabd8ecbd9da8b895fd6636aa0b426fb10b23a94a8ab4233bee71
-
Size
282KB
-
Sample
221127-bnf6esdc9v
-
MD5
5a01389f7ff9377d4989af22abb57e48
-
SHA1
6e5b77d5d7969a6640a30e0252b92b3bc4df11a5
-
SHA256
fdc5e4acc0deabd8ecbd9da8b895fd6636aa0b426fb10b23a94a8ab4233bee71
-
SHA512
4afdc471f72c81988a9ed6f60dd151ac7d3b23cc2efdb711a519f42805c0ac5cde5e5200486aed978805a34b43423c8307c506606590a69158a54a3b5aa5a1aa
-
SSDEEP
6144:i/LFWA8yi6hcfX/uxlrWxM1WyxnlVUO7gHB89ULeuEwLTRGS:AVi2cfXmxdyMLxlX7gh8QpLToS
Malware Config
Targets
-
-
Target
fdc5e4acc0deabd8ecbd9da8b895fd6636aa0b426fb10b23a94a8ab4233bee71
-
Size
282KB
-
MD5
5a01389f7ff9377d4989af22abb57e48
-
SHA1
6e5b77d5d7969a6640a30e0252b92b3bc4df11a5
-
SHA256
fdc5e4acc0deabd8ecbd9da8b895fd6636aa0b426fb10b23a94a8ab4233bee71
-
SHA512
4afdc471f72c81988a9ed6f60dd151ac7d3b23cc2efdb711a519f42805c0ac5cde5e5200486aed978805a34b43423c8307c506606590a69158a54a3b5aa5a1aa
-
SSDEEP
6144:i/LFWA8yi6hcfX/uxlrWxM1WyxnlVUO7gHB89ULeuEwLTRGS:AVi2cfXmxdyMLxlX7gh8QpLToS
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-