General
Target: b0f3c59421dc746d58f363914b6e314e79837a8efe6e34c8ccd944e3add5cbc0
Size: 524KB
Sample: 240731-a82gesxgnq
MD5: 30657c26c85838c95ebd78e6767e7b6a
SHA1: 17018db5dc062648719977bf9650013999aba2be
SHA256: b0f3c59421dc746d58f363914b6e314e79837a8efe6e34c8ccd944e3add5cbc0
SHA512: 59d87b3da50d342da7a503eb131270feda850460f80f67c31ffc44a9842ab92bd6d1ad486a0bb439f27a9fd88bc4cfbde072369b5934a3a26863a0d1c85e63ed
SSDEEP: 12288:V93i7sdsDNs2zfUH66YFtEBC/toWgBGMBp5vlLCYR6lO4C3m:V0QDKsHHw/nsDvbv2
Static task: static1
Behavioral task: behavioral1
  Sample: 283f2c9a8fc3bf7bb658be696981da27.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 283f2c9a8fc3bf7bb658be696981da27.exe
  Resource: win10v2004-20240730-en
Malware Config
Targets
Target: 283f2c9a8fc3bf7bb658be696981da27
Size: 559KB
MD5: 283f2c9a8fc3bf7bb658be696981da27
SHA1: 5ccf04ba9544a0a834975c8f2342d3e628a3806d
SHA256: f3a27f3d4a44f3c4615a2a3066d766f1c0281d350a20d96ef579ec8f3e24459f
SHA512: eea5b5a5fcb0ea0f66d6502bab35d5fc250294a029bd2d057c96614da137adff9af71e067aac6fb4680b90a3658d7ad3341c268d495379f846b30597406d819e
SSDEEP: 12288:/ZJtAgzmWOt9BgBtCMvHk2alzDxNApin5w8qGZLUEUVB5fc6qH:BJtAguyjCeHCzDxlVZLUECfc
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops desktop.ini file(s)
Suspicious use of SetThreadContext