General

  • Target

    d0286bcea78732af2242da0ab3ff98e7_JaffaCakes118

  • Size

    321KB

  • Sample

    240906-wr4q4s1bkj

  • MD5

    d0286bcea78732af2242da0ab3ff98e7

  • SHA1

    5d2d6dab3dc52271e313e6736cb1c09c12d67981

  • SHA256

    74ba8836cba21fca746bb7b24a72a0e192f31bae0b592466855b09991bb4dfc5

  • SHA512

    6368a7e6736581f5eff37b98df427946ce14b4918eea9f212d4c3377e4ff72c37ab5cededd1a89f90206511941171c898f1c4004cda2a7a292ebe7e7ca51911d

  • SSDEEP

    6144:5F5GHKqSccAXTIzUzWvxv7vV+G7zPoAz0Q54HeyJAud+V3Ojj:5vGHKDccAX0AWvxzvV+zAz03HFBj

Targets

    • Target

      d0286bcea78732af2242da0ab3ff98e7_JaffaCakes118

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
