Overview

overview

10

Static

static

3

7f1113759d...18.exe

windows7-x64

10

7f1113759d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7f1113759d043a2c80292266b6362eb6_JaffaCakes118

  • Size

    651KB

  • Sample

    240529-br4qwsde34

  • MD5

    7f1113759d043a2c80292266b6362eb6

  • SHA1

    90be21b50046af5eba74e6632623fb2aac6d5e14

  • SHA256

    6f8eba1ab9c3dfb62c267f46e25e70021ac4b7eeeef6601fd5b2aa35fbab5d94

  • SHA512

    6aaa039653d66cf0b719223dec54f710a66ff38c4ec2eaa63d02b8c3d3282d727850fb098f8ca1cb072b534d74192f577640f376af051dbdd6384740bcc4f4b1

  • SSDEEP

    12288:wFetEQ3+mwI86GbFGUMpKBosjzA+BLPD:w4PuLx6wFrMN+BL7

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      7f1113759d043a2c80292266b6362eb6_JaffaCakes118

    • Size

      651KB

    • MD5

      7f1113759d043a2c80292266b6362eb6

    • SHA1

      90be21b50046af5eba74e6632623fb2aac6d5e14

    • SHA256

      6f8eba1ab9c3dfb62c267f46e25e70021ac4b7eeeef6601fd5b2aa35fbab5d94

    • SHA512

      6aaa039653d66cf0b719223dec54f710a66ff38c4ec2eaa63d02b8c3d3282d727850fb098f8ca1cb072b534d74192f577640f376af051dbdd6384740bcc4f4b1

    • SSDEEP

      12288:wFetEQ3+mwI86GbFGUMpKBosjzA+BLPD:w4PuLx6wFrMN+BL7

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks