Overview

overview

10

Static

static

1

93f4716eec...8e.exe

windows7-x64

10

93f4716eec...8e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93f4716eec9d3180c1c1e56b346b0b61be55fc5c7bd4ea0bf1413982c5fcb18e

  • Size

    577KB

  • Sample

    250108-e96jzsvjdw

  • MD5

    e9bd9c64632c5db5747b37b3454e6cfd

  • SHA1

    94dd85e7e20b1b4a4a7b20b60532aa9cb6f045fa

  • SHA256

    93f4716eec9d3180c1c1e56b346b0b61be55fc5c7bd4ea0bf1413982c5fcb18e

  • SHA512

    35de0589431caa05e33c41efde0fa2f3888e79475d19d087d1aa4295686fb7e753245fad3451103436d62bb0f62fb291a661bb7c4a8a91e5670aead73958be59

  • SSDEEP

    12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7t:rBJwdhMJ6ZzHrfcsMGTfZ5Pt

Score
10/10
imminentdiscoverypersistencespywaretrojan

Malware Config

Targets

    • Target

      93f4716eec9d3180c1c1e56b346b0b61be55fc5c7bd4ea0bf1413982c5fcb18e

    • Size

      577KB

    • MD5

      e9bd9c64632c5db5747b37b3454e6cfd

    • SHA1

      94dd85e7e20b1b4a4a7b20b60532aa9cb6f045fa

    • SHA256

      93f4716eec9d3180c1c1e56b346b0b61be55fc5c7bd4ea0bf1413982c5fcb18e

    • SHA512

      35de0589431caa05e33c41efde0fa2f3888e79475d19d087d1aa4295686fb7e753245fad3451103436d62bb0f62fb291a661bb7c4a8a91e5670aead73958be59

    • SSDEEP

      12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7t:rBJwdhMJ6ZzHrfcsMGTfZ5Pt

    Score
    10/10
    imminentdiscoverypersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Imminent family

      imminent

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks