Overview

overview

10

Static

static

5

fc1c010b77...5f.exe

windows7-x64

10

fc1c010b77...5f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc1c010b776b3e094b556982ff729d5f

  • Size

    1.3MB

  • Sample

    231220-wcyljsahfm

  • MD5

    fc1c010b776b3e094b556982ff729d5f

  • SHA1

    762794ee4b573f011664d872dc9de42d636fac5d

  • SHA256

    e40b3da6d63897102a14d6d17128ccdfe8d774db9b7481b89e1269e38113d786

  • SHA512

    3065a910e09ee7682853e4f97769a4302799214b514bae0bd1c79399eb97d16b457ad775e12b085105326555c64b0af01707dcf16be9fd11b1294b3424c8f09e

  • SSDEEP

    24576:btb20pkaCqT5TBWgNQ7a/PHbGinldnpLeMluAQ16AK:YVg5tQ7a/P7Gil1W5K

Score
10/10
imminentspywaretrojan

Malware Config

Targets

    • Target

      fc1c010b776b3e094b556982ff729d5f

    • Size

      1.3MB

    • MD5

      fc1c010b776b3e094b556982ff729d5f

    • SHA1

      762794ee4b573f011664d872dc9de42d636fac5d

    • SHA256

      e40b3da6d63897102a14d6d17128ccdfe8d774db9b7481b89e1269e38113d786

    • SHA512

      3065a910e09ee7682853e4f97769a4302799214b514bae0bd1c79399eb97d16b457ad775e12b085105326555c64b0af01707dcf16be9fd11b1294b3424c8f09e

    • SSDEEP

      24576:btb20pkaCqT5TBWgNQ7a/PHbGinldnpLeMluAQ16AK:YVg5tQ7a/P7Gil1W5K

    Score
    10/10
    imminentspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks