General
-
Target
5b6bc3e2969c7ebf08413e73da96c799f4361ce2b0c11f178e366468fdb81146
-
Size
425KB
-
Sample
240417-ralrraag84
-
MD5
da9051e0cfad9bb74d683843c4b34d0e
-
SHA1
09597890238d0aa3f2c52c6f3054a13b7fbaa738
-
SHA256
5b6bc3e2969c7ebf08413e73da96c799f4361ce2b0c11f178e366468fdb81146
-
SHA512
d2fc1a11aa7201a9972f48fe85e5401142c2f352aa05e6c8c835ede80a6f955acb66934a9819249ad436ca4a0d822f1d4719944b6fd4db2aa478e433fc0d5a60
-
SSDEEP
6144:4SRlSw96Cu5w96rixr8Iy/VZ2KTNfonbuNFZ8usbTh2P8UBQrt3ecRuvcvGhC1ua:FbN68yVZrNQberSZUBkekUAudCaIV
Malware Config
Targets
-
-
Target
047fcf6cf1e83002c31d9725f92abe3014bcb0a65a3078dcc6467036ba792547.exe
-
Size
852KB
-
MD5
e04213f27f4e2c763e0b8910f7743af3
-
SHA1
2707a70bfb085112cb02c82c738f752a4e789825
-
SHA256
047fcf6cf1e83002c31d9725f92abe3014bcb0a65a3078dcc6467036ba792547
-
SHA512
423039cd63fac7e3ceda72bf26695cc94339b1105b4c1a0bf603364e239658b30be841c47e781da867ff1ea0f22428c589ce3daac2c3834ef58e552fdafb242e
-
SSDEEP
24576:2deM8k31Q2B7oVSRZw/bO/PVggnoGhkOF8rcbfdaMQ8NNr+OZQw6F77GEm+pV0kn:8e831bEOOyy
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-