imminent | de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6 | Triage

Submit
Reports

Overview

overview

Static

static

de427ba077...d6.exe

windows7_x64

de427ba077...d6.exe

windows10_x64

Sharing

General

Target

de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6
Size

724KB
Sample

220122-alyf9aeee2
MD5

facb2f0ee8f250e085e7a5f9b714a26d
SHA1

ea87654b2bd00ef696b74a1b21f98de681cd49bf
SHA256

de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6
SHA512

e1f459387b9f573e905f07d806b911066d9b70c22dc3ee433116ee7c53f98f7463e246480b3c060a38cda1dffb5ed3b393961096acc7688d1c8e4b277e8e6f00

Score

10^/10

imminent njrat evasion persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6.exe

Resource

win7-en-20211208

imminent njrat evasion persistence spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6.exe

Resource

win10-en-20211208

imminent njrat evasion persistence spyware trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6
- Size
  
  724KB
- MD5
  
  facb2f0ee8f250e085e7a5f9b714a26d
- SHA1
  
  ea87654b2bd00ef696b74a1b21f98de681cd49bf
- SHA256
  
  de427ba0777d40f72357e9c85fd0b0a6b6ba74fcb3194790940099ecd2d7d3d6
- SHA512
  
  e1f459387b9f573e905f07d806b911066d9b70c22dc3ee433116ee7c53f98f7463e246480b3c060a38cda1dffb5ed3b393961096acc7688d1c8e4b277e8e6f00
Score

10^/10

imminent njrat evasion persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

imminentnjratevasionpersistencespywaretrojan

behavioral2

imminentnjratevasionpersistencespywaretrojan

© 2018-2024

Terms | Privacy