imminent | 06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995 | Triage

Submit
Reports

Overview

overview

Static

static

06eba92d52...95.exe

windows7_x64

06eba92d52...95.exe

windows10-2004_x64

Sharing

General

Target

06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995
Size

1.1MB
Sample

220531-emj3gahecr
MD5

1ed830b0902a89718453d8a9479d0df5
SHA1

6ebe1b790078f3b1ae78dbf1c48f72231f515801
SHA256

06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995
SHA512

2e127e9348ebcf7fb0ca1cb5115d205422556347fbbaabb9038bad79ca28aa6b4cb2b93694104748ea1a566dfac772e78507b66954e181779db65f37bc9647cd

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995.exe

Resource

win7-20220414-en

imminent persistence spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995.exe

Resource

win10v2004-20220414-en

imminent persistence spyware trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995
- Size
  
  1.1MB
- MD5
  
  1ed830b0902a89718453d8a9479d0df5
- SHA1
  
  6ebe1b790078f3b1ae78dbf1c48f72231f515801
- SHA256
  
  06eba92d52705ce2af6862a2a2f3b0510807b5f14ed965fa9ba9c618a70a3995
- SHA512
  
  2e127e9348ebcf7fb0ca1cb5115d205422556347fbbaabb9038bad79ca28aa6b4cb2b93694104748ea1a566dfac772e78507b66954e181779db65f37bc9647cd
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy