General

  • Target: c5d3ea214c7daeecf6eb9d1bf855e845
  • Size: 638KB
  • Sample: 231222-rwycnsdha7
  • MD5: c5d3ea214c7daeecf6eb9d1bf855e845
  • SHA1: 116bfc6a1aa817899ea0be0feceee6572a59c356
  • SHA256: 9d53132d7619fdf5337a41f7dde15f940464f4ab3522a6b43c247a5877d2f63b
  • SHA512: 1dae151dbd6b1cd28ee9c3b9059264493e90861741175086e5d88f0dcc8c713426068fb251891b91ba2ff66e32cf0f7065360e48dde62881cd6fb9a395f8f292
  • SSDEEP: 6144:DBt+dQs65r1RZYOoJF9GkEqA8qYFqkIeODYa/UBT5GtPdfaDOh5YvAHlqyK2uZ4w:T5kq8qYF6DY46GtiaSowyK2tKj2MX4c

Malware Config

Targets

    • Target: c5d3ea214c7daeecf6eb9d1bf855e845 (hashes as listed under General)

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks