General

  • Target

    b6268d11a8352702f4d032c379932907

  • Size

    645KB

  • Sample

    240306-bnwwwaga97

  • MD5

    b6268d11a8352702f4d032c379932907

  • SHA1

    99e1fd77dc77bbe2cd36394b47eff6c5300dc233

  • SHA256

    b0368cae653f4d839e417afb7875e71a54324806382951f44c9e19598ebc3e27

  • SHA512

    6613eb0dc1229bbfa2ba7fc87fcf70e4108d8f5f3ab2b9db443fe59054209de94e77d5058062aedf0afa85c27442de043cf17afb5018bff32543adc3f1fe3267

  • SSDEEP

    12288:9lQwbcauT1dH2kCuPsTZXHyyf1/pqsVKLqdz4keFyLP5:9QauTTzPs1yzsEjwLP5

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
