General
-
Target
ba06b222017d418654978a57d33ea040b6fb1542c25fe8b7edf30411e2576ffd
-
Size
577KB
-
Sample
250109-hvgh4asncw
-
MD5
c35622ca605dc19d1adad601b49bb567
-
SHA1
1d816c611fba6121092409aa4cc5a2bfdf3b992f
-
SHA256
ba06b222017d418654978a57d33ea040b6fb1542c25fe8b7edf30411e2576ffd
-
SHA512
86e6ded7ec40ffac36667a976578e3e810a0db3d257beae6c4ad94281f2f09447f1b32b41ad0b544d37ec9f494a6a8b3a02c69d021dc8c486992b41cc671894e
-
SSDEEP
12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7t:rBJwdhMJ6ZzHrfcsMGTfZ5Pt
Malware Config
Targets
-
-
Target
ba06b222017d418654978a57d33ea040b6fb1542c25fe8b7edf30411e2576ffd
-
Size
577KB
-
MD5
c35622ca605dc19d1adad601b49bb567
-
SHA1
1d816c611fba6121092409aa4cc5a2bfdf3b992f
-
SHA256
ba06b222017d418654978a57d33ea040b6fb1542c25fe8b7edf30411e2576ffd
-
SHA512
86e6ded7ec40ffac36667a976578e3e810a0db3d257beae6c4ad94281f2f09447f1b32b41ad0b544d37ec9f494a6a8b3a02c69d021dc8c486992b41cc671894e
-
SSDEEP
12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7t:rBJwdhMJ6ZzHrfcsMGTfZ5Pt
Score10/10-
Imminent RAT
Remote-access trojan based on Imminent Monitor remote admin software.
-
Imminent family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-