General

  • Target

    3dedb531c23d2f97dfef2f55f5755375_JaffaCakes118

  • Size

    322KB

  • Sample

    240514-ff1bjsbd4x

  • MD5

    3dedb531c23d2f97dfef2f55f5755375

  • SHA1

    0c5141964e9b293ddcd9288d5b11cc7c012865b0

  • SHA256

    1aabeaf72f2af76b774252e1d0bd599c03a7217ffa77974d1a7afeb6025e0ec3

  • SHA512

    1e4df34ee6c25c7ffffd8cba64ecd6447974c74ce246bf137e3a983a5a830f293ef4a6d1f1b6146089c10e927dbc5ffee537ce8f1b6515968ddc2ece00e25c85

  • SSDEEP

    6144:2Wo5kzR/8WzGM6npfk8dyjlA9xq5YznuXu6kmOrnzX6qi:29kdFGzB3bBJb7Li

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
