Overview

overview

10

Static

static

3

URGENT QUOTATION.exe

windows7-x64

7

URGENT QUOTATION.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    41c27be061ebbf97b3affa557d90ed9f_JaffaCakes118

  • Size

    533KB

  • Sample

    240514-rc4eksad53

  • MD5

    41c27be061ebbf97b3affa557d90ed9f

  • SHA1

    88f42501db2d68cc527ed8703b13dcc959bfcf2c

  • SHA256

    a5eb9c7fce3e3b97a05265f49936170b4a4009d611cf0cc16ec802ddadc433ad

  • SHA512

    8fd2e350473f6d2346061e242c3603bbc1c7385df835ecba723d2b2d9f01ed9f2e67de99c789be8c48c6d60885e209bfac5576fdc69e259f738f45224cc5394c

  • SSDEEP

    12288:uyYCLtUrq6sH1bqWb0xV6km39BAFoPmhqKGAG2xDSl9rAL:uyLR2361bqWbKV67B4hx/GIU9U

Score
10/10
imminentagilenetspywaretrojan

Malware Config

Targets

    • Target

      URGENT QUOTATION.exe

    • Size

      970KB

    • MD5

      d11648713e4787d3f44fc74dbb2528d0

    • SHA1

      ae249089905bedbe36285620503d744b7bd50227

    • SHA256

      53d7bc7f973e349fd37b7770de19baa1505222077d12a7f72dc62119a9f28852

    • SHA512

      b9dd63cb0f7b681c0f72d4fa81e614f79953d356c3a56f6bd41e05a75284bcc7c54763b9c9b1e0ff8f1d607320f06d72f7940f441bb0750e60d7745f0159d85b

    • SSDEEP

      24576:8sOT8w1RpEJrOAerGasN/9GwHDNKBVH1iU76:8R8MjmrUWclB6J

    Score
    10/10
    agilenetimminentspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks