Overview

overview

10

Static

static

38c84d485d...21.exe

windows7-x64

10

38c84d485d...21.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    38c84d485da752941389ad2b741dcb1a099030206cf8cfe2b94166b6d4d9d921

  • Size

    803KB

  • Sample

    221128-xw7t1aea4s

  • MD5

    6fdacfe2a491500711f44878ead59037

  • SHA1

    a98743f06c754f69f8a189e254e9f387eb89892e

  • SHA256

    38c84d485da752941389ad2b741dcb1a099030206cf8cfe2b94166b6d4d9d921

  • SHA512

    01dd51de02b1e5ca2f763c8aac2ec91b321b0db07291cb9926e33a48640fb0f0e927c586726ef8c84927c1f38f8934ae62049fb94a1fe5cc82c07c5e6a178690

  • SSDEEP

    12288:bLbUQcstd71WQCY9uZ7WdON3Zbf2VSCJW+EBOiYTLPDtlBT2N:LagVM0uCObf2SSXfi8lBT2N

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      38c84d485da752941389ad2b741dcb1a099030206cf8cfe2b94166b6d4d9d921

    • Size

      803KB

    • MD5

      6fdacfe2a491500711f44878ead59037

    • SHA1

      a98743f06c754f69f8a189e254e9f387eb89892e

    • SHA256

      38c84d485da752941389ad2b741dcb1a099030206cf8cfe2b94166b6d4d9d921

    • SHA512

      01dd51de02b1e5ca2f763c8aac2ec91b321b0db07291cb9926e33a48640fb0f0e927c586726ef8c84927c1f38f8934ae62049fb94a1fe5cc82c07c5e6a178690

    • SSDEEP

      12288:bLbUQcstd71WQCY9uZ7WdON3Zbf2VSCJW+EBOiYTLPDtlBT2N:LagVM0uCObf2SSXfi8lBT2N

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Modifies WinLogon for persistence

      persistence

    • Drops file in Drivers directory

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks