Overview

overview

10

Static

static

7f4c241979...98.exe

windows7-x64

10

7f4c241979...98.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7f4c241979488a3c6f11f3bc3a312562bb8668684da069498405daa4ae3f8c98

  • Size

    735KB

  • Sample

    221127-s2n7macg2x

  • MD5

    d544074edcf4c61af1da32fe6ee61191

  • SHA1

    32511a480c390cead38e014e88a7b48ea954c790

  • SHA256

    7f4c241979488a3c6f11f3bc3a312562bb8668684da069498405daa4ae3f8c98

  • SHA512

    6cd097e562a428e18dc884ce4fcb1ef16ca4714085a7c0e68f443a81a1204c4046c96827cc62ef20ffee5b937dff392a234c7d2aebcce31ca21b9863fa788b40

  • SSDEEP

    12288:0CmhzJTatsXiZZcOg44rpTivXh3I/VbSzQv5WBDVL8DigqmsheQG8:ztsXiHDv4rpivXpoVbSsRWB5L8DQh

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      7f4c241979488a3c6f11f3bc3a312562bb8668684da069498405daa4ae3f8c98

    • Size

      735KB

    • MD5

      d544074edcf4c61af1da32fe6ee61191

    • SHA1

      32511a480c390cead38e014e88a7b48ea954c790

    • SHA256

      7f4c241979488a3c6f11f3bc3a312562bb8668684da069498405daa4ae3f8c98

    • SHA512

      6cd097e562a428e18dc884ce4fcb1ef16ca4714085a7c0e68f443a81a1204c4046c96827cc62ef20ffee5b937dff392a234c7d2aebcce31ca21b9863fa788b40

    • SSDEEP

      12288:0CmhzJTatsXiZZcOg44rpTivXh3I/VbSzQv5WBDVL8DigqmsheQG8:ztsXiHDv4rpivXpoVbSsRWB5L8DQh

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Modifies WinLogon for persistence

      persistence

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks