Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

bdf408fec4...b9.exe

windows7-x64

7

bdf408fec4...b9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bdf408fec4d45044fbd8cf1ed2f5a2e3bfdd64634dc74a99678fc612ce09cab9

  • Size

    579KB

  • Sample

    250301-f3fkna1wbx

  • MD5

    62f5d80f18ab5045615c21b56112bf42

  • SHA1

    5d357b7c43489e2106dd5281a504d297b539487d

  • SHA256

    bdf408fec4d45044fbd8cf1ed2f5a2e3bfdd64634dc74a99678fc612ce09cab9

  • SHA512

    82c8b05301b41d48494db62f7bb9d0b6a0aa5077a2e549bef2ea74d94212fa07c356872bf726d893f81352979a9ad2a2c08d444796f7b63c3929a3a742065aa7

  • SSDEEP

    12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7/:rBJwdhMJ6ZzHrfcsMGTfZ5P/

Score
10/10
imminentdiscoverypersistencespywaretrojan

Malware Config

Targets

    • Target

      bdf408fec4d45044fbd8cf1ed2f5a2e3bfdd64634dc74a99678fc612ce09cab9

    • Size

      579KB

    • MD5

      62f5d80f18ab5045615c21b56112bf42

    • SHA1

      5d357b7c43489e2106dd5281a504d297b539487d

    • SHA256

      bdf408fec4d45044fbd8cf1ed2f5a2e3bfdd64634dc74a99678fc612ce09cab9

    • SHA512

      82c8b05301b41d48494db62f7bb9d0b6a0aa5077a2e549bef2ea74d94212fa07c356872bf726d893f81352979a9ad2a2c08d444796f7b63c3929a3a742065aa7

    • SSDEEP

      12288:YbD5arFJwK6hMJ6ZzHFZfc28beMGTfZuqb7/:rBJwdhMJ6ZzHrfcsMGTfZ5P/

    Score
    10/10
    discoverypersistenceimminentspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Imminent family

      imminent

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks