Overview

overview

10

Static

static

b6084a3b20...52.exe

windows7-x64

10

b6084a3b20...52.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b6084a3b20fbfb3671efb11ecc1925a77642817fa1febdaad4ab40249ff65352

  • Size

    544KB

  • Sample

    221128-xk9jfsha74

  • MD5

    ac9adcf9c0f19476f9debb0ff48676db

  • SHA1

    8be077d769a213eeba527f829de9884258e8e7a8

  • SHA256

    b6084a3b20fbfb3671efb11ecc1925a77642817fa1febdaad4ab40249ff65352

  • SHA512

    20fd17180e1952172dae9199cbb4e5d9bca615fdbba4eb3a0c5d1689bcabe3818fefc5dabb4173d8c2a2cd45bca450d293b48bf882bca0290a5da4763ccb09ba

  • SSDEEP

    12288:Wsb2/8SzNR/PaeuON0bV6poji92FtcHqiijKdiZ:Wf/FzHEON0h0T92FyKiijsg

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      b6084a3b20fbfb3671efb11ecc1925a77642817fa1febdaad4ab40249ff65352

    • Size

      544KB

    • MD5

      ac9adcf9c0f19476f9debb0ff48676db

    • SHA1

      8be077d769a213eeba527f829de9884258e8e7a8

    • SHA256

      b6084a3b20fbfb3671efb11ecc1925a77642817fa1febdaad4ab40249ff65352

    • SHA512

      20fd17180e1952172dae9199cbb4e5d9bca615fdbba4eb3a0c5d1689bcabe3818fefc5dabb4173d8c2a2cd45bca450d293b48bf882bca0290a5da4763ccb09ba

    • SSDEEP

      12288:Wsb2/8SzNR/PaeuON0bV6poji92FtcHqiijKdiZ:Wf/FzHEON0h0T92FyKiijsg

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Modifies WinLogon for persistence

      persistence

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks