Overview

overview

10

Static

static

3

59c5cb3570...f0.exe

windows7-x64

10

59c5cb3570...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    59c5cb3570cb24fabecd0675b81255f0

  • Size

    315KB

  • Sample

    240114-ahcqdagebk

  • MD5

    59c5cb3570cb24fabecd0675b81255f0

  • SHA1

    efaebb4328c3753bb02075ba768b1d1ab0d76bfc

  • SHA256

    32ad611697fbd9c7dbe438fa7e0f2a4d7c59edbc21ac668741f276a747016c4f

  • SHA512

    45b4dedfbec5107bf661b206ad40bc7c2d3d171751225abff913ebb2192cb4372b850d1eeecc20115b8f1ce23a84d56aee0ede141a401d9d08b4b2ed59856dfa

  • SSDEEP

    6144:/dL4Z3U5O08lC1/rOFh5rboJHDwoqFoNaVFqa5p3jqkXHFxSEnZts:/F4Z3n08WrQ3r6w5os3OkXlxS7

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      59c5cb3570cb24fabecd0675b81255f0

    • Size

      315KB

    • MD5

      59c5cb3570cb24fabecd0675b81255f0

    • SHA1

      efaebb4328c3753bb02075ba768b1d1ab0d76bfc

    • SHA256

      32ad611697fbd9c7dbe438fa7e0f2a4d7c59edbc21ac668741f276a747016c4f

    • SHA512

      45b4dedfbec5107bf661b206ad40bc7c2d3d171751225abff913ebb2192cb4372b850d1eeecc20115b8f1ce23a84d56aee0ede141a401d9d08b4b2ed59856dfa

    • SSDEEP

      6144:/dL4Z3U5O08lC1/rOFh5rboJHDwoqFoNaVFqa5p3jqkXHFxSEnZts:/F4Z3n08WrQ3r6w5os3OkXlxS7

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks