General

  • Target

    09d4d7ccd12e586f7c0d324929b5d8dd03bf21abd78068ee8cf7fc817f1a65de

  • Size

    1.2MB

  • Sample

    221127-nl142add28

  • MD5

    82fec36f4d5066df35d41c51abe52f0b

  • SHA1

    16a6e98937b9938282c1fbbcd68c7f8a3ebf31ab

  • SHA256

    09d4d7ccd12e586f7c0d324929b5d8dd03bf21abd78068ee8cf7fc817f1a65de

  • SHA512

    59a75b7f3dacf7fa5107a30cebc40ee0a7d8a61d16dbb80140f3bc068b4dd63af6becab214574752ba7d67ee82f53cef5837babb8d9eb838bd56d0a2c1149af8

  • SSDEEP

    24576:t4lavt0LkLL9IMixoEgead6vgYUhKYSQziUMP5vQq9MmCS:Ekwkn9IMHead6oYUNSJfh4aPCS

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
