General

  • Target

    ee5b17af1bea3ce53b9a6bb09c21f634b9465fe505a01177b9eb33943f3021d3.exe

  • Size

    1.3MB

  • Sample

    250509-rxmmkavzew

  • MD5

    47f5be0b418c09e2ef74590b6b4e384d

  • SHA1

    cc08edacbcf59b86068b62110059ac8858a7c50b

  • SHA256

    ee5b17af1bea3ce53b9a6bb09c21f634b9465fe505a01177b9eb33943f3021d3

  • SHA512

    7792d5c0c1c88a8be6ef94328cf120e47cc75a46c186d57e9098d5a2cad27e2a9939717057635d0af12b386c7daf2c985712765131d96d53aba9df0695d69234

  • SSDEEP

    24576:3tb20pkaCqT5TBWgNQ7a1psUIRDW105mbXHF5lpQC56A:0Vg5tQ7a1pbOk04bHHlz5

Targets

    • Target

      ee5b17af1bea3ce53b9a6bb09c21f634b9465fe505a01177b9eb33943f3021d3.exe

    • Size

      1.3MB

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Imminent family

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
