General

  • Target

    4b95fa4786f5830cb7f0027f9d15adef_JaffaCakes118

  • Size

    861KB

  • Sample

    240516-rzwm9ahd5y

  • MD5

    4b95fa4786f5830cb7f0027f9d15adef

  • SHA1

    feca329eaf6fabae376a15cf6908c2171fb86393

  • SHA256

    3009ba30b32ee1b30b5c1ff5545da20237bacb418b74578ae6cfaffaa786522b

  • SHA512

    a712857ea1a0db3267644c07395662fe39ca0e519ca402e9c63dc1fa28c36f59b994700908cb3ea7d63437d7cc25bd0a8bfeffbb13364397eb570e94e4217a5a

  • SSDEEP

    12288:vaBBJFXixkSgfm+z5je3FqJooCGsvTuZouazcFG1hdoWt:v8RWkSguayKofvTGW

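Before working from a report like this one, confirm that the file on your bench is the same bytes the sandbox saw: a single mismatched digest means you are looking at a different sample (or a transcription error in the report). The following is an added example, not code from the report page or the sandbox vendor. The `REPORT` values are copied from the hashes listed above; the function names, the chunked file reader and the constructed inputs are this example's own. The ssdeep helpers only parse and pre-check the fuzzy hash (ssdeep scores two hashes only when their block sizes are equal or differ by exactly a factor of two); they do not compute the similarity score, which needs the ssdeep library.

```python
"""Verify a local copy of a sample against the hashes in a sandbox report
and sanity-check SSDEEP strings before comparing them.

Added example, not part of the original report. REPORT is copied from the
report page; everything else (function names, constructed inputs) is ours.
"""
import hashlib

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Hashes exactly as listed on the report page.
REPORT = {
    "md5": "4b95fa4786f5830cb7f0027f9d15adef",
    "sha1": "feca329eaf6fabae376a15cf6908c2171fb86393",
    "sha256": "3009ba30b32ee1b30b5c1ff5545da20237bacb418b74578ae6cfaffaa786522b",
    "sha512": "a712857ea1a0db3267644c07395662fe39ca0e519ca402e9c63dc1fa28c36f59"
              "b994700908cb3ea7d63437d7cc25bd0a8bfeffbb13364397eb570e94e4217a5a",
    "ssdeep": "12288:vaBBJFXixkSgfm+z5je3FqJooCGsvTuZouazcFG1hdoWt:v8RWkSguayKofvTGW",
}


def _digests(chunks) -> dict:
    """Feed every chunk to all four hash objects at once (one pass over the data)."""
    hs = {name: hashlib.new(name) for name in ALGOS}
    for chunk in chunks:
        for h in hs.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hs.items()}


def digests(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory byte string."""
    return _digests([data])


def mismatches(data: bytes, report: dict) -> list:
    """Names of algorithms whose digest of `data` differs from the report.

    Empty list: these bytes are the sample the report describes.
    Any entry: they are not (or the report value was copied wrong)."""
    got = digests(data)
    return sorted(name for name in ALGOS if got[name] != report[name].lower())


def verify_file(path: str, report: dict = REPORT) -> list:
    """Same check for a file on disk, hashed in 1 MiB chunks so large samples fit."""
    with open(path, "rb") as fh:
        got = _digests(iter(lambda: fh.read(1 << 20), b""))
    return sorted(name for name in ALGOS if got[name] != report[name].lower())


def parse_ssdeep(sig: str) -> tuple:
    """Split 'blocksize:chunk1:chunk2' into (int, str, str); ValueError if malformed."""
    parts = sig.split(":")
    if len(parts) != 3 or not parts[0].isdigit():
        raise ValueError(f"not an ssdeep hash: {sig!r}")
    return int(parts[0]), parts[1], parts[2]


def ssdeep_comparable(a: str, b: str) -> bool:
    """ssdeep only scores two hashes whose block sizes are equal or differ by
    exactly a factor of two; any other pair always scores 0, so there is no
    point querying a fuzzy-hash index with them."""
    bs_a = parse_ssdeep(a)[0]
    bs_b = parse_ssdeep(b)[0]
    return bs_a == bs_b or bs_a == 2 * bs_b or bs_b == 2 * bs_a


if __name__ == "__main__":
    import sys
    bad = verify_file(sys.argv[1])
    print("hashes match report" if not bad else "MISMATCH on: " + ", ".join(bad))
```

Run it as `python verify.py <sample>`; a clean run prints "hashes match report". Checking all four digests rather than just MD5 costs nothing and rules out the (unlikely but cheap to exclude) case of an MD5 collision being passed off as the original sample.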
Score
10/10

Malware Config

Targets

    • Target

      4b95fa4786f5830cb7f0027f9d15adef_JaffaCakes118

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check (run only in, or stay out of, particular countries).

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state, including its instruction pointer; outside of debuggers it is typically seen when injected code is started in a suspended process (process hollowing or thread hijacking).

MITRE ATT&CK Enterprise v15

Tasks