imminent | 903a87f5fb8e4603adce93efe1f974c7154681017ee28abfc0990323837134bd | Triage

Sharing

General

Target

903a87f5fb8e4603adce93efe1f974c7154681017ee28abfc0990323837134bd
Size

863KB
Sample

220609-qjz53acgh4
MD5

e2771285fe692ee131cbc072e1e9c85d
SHA1

f789fe6cbd9ad9578bd55951a43ccc906e75c3f1
SHA256

903a87f5fb8e4603adce93efe1f974c7154681017ee28abfc0990323837134bd
SHA512

6795535518eb98b1686f9729141a8c84824a932985a05eb1c351a6c2cf8db8da3904319c55cc41f3e99a3ad95952a62fe192fde40da649b4dd32187b1dd8f862

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  903a87f5fb8e4603adce93efe1f974c7154681017ee28abfc0990323837134bd
- Size
  
  863KB
- MD5
  
  e2771285fe692ee131cbc072e1e9c85d
- SHA1
  
  f789fe6cbd9ad9578bd55951a43ccc906e75c3f1
- SHA256
  
  903a87f5fb8e4603adce93efe1f974c7154681017ee28abfc0990323837134bd
- SHA512
  
  6795535518eb98b1686f9729141a8c84824a932985a05eb1c351a6c2cf8db8da3904319c55cc41f3e99a3ad95952a62fe192fde40da649b4dd32187b1dd8f862
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan