imminent | 57e0c6472d476a79e173059c667acab9743f55102ad8fc2bc1d721c84f408de7 | Triage

Sharing

General

Target

57e0c6472d476a79e173059c667acab9743f55102ad8fc2bc1d721c84f408de7
Size

534KB
Sample

220609-qjzvascgh2
MD5

b0ed1d7b16dcc5456b8cf2b5f76707d6
SHA1

710fe7f3ee9b4ce534e86199647fe66c56c0eaf7
SHA256

57e0c6472d476a79e173059c667acab9743f55102ad8fc2bc1d721c84f408de7
SHA512

b3f099c6024037c9965388ff0b33d948f28938cfd898eb18f410efe0ce9cd8003bdd5ab9549222e98a9d8c201777df1f3dda79c9c6be2e5ac67ec9c3eff506a0

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  57e0c6472d476a79e173059c667acab9743f55102ad8fc2bc1d721c84f408de7
- Size
  
  534KB
- MD5
  
  b0ed1d7b16dcc5456b8cf2b5f76707d6
- SHA1
  
  710fe7f3ee9b4ce534e86199647fe66c56c0eaf7
- SHA256
  
  57e0c6472d476a79e173059c667acab9743f55102ad8fc2bc1d721c84f408de7
- SHA512
  
  b3f099c6024037c9965388ff0b33d948f28938cfd898eb18f410efe0ce9cd8003bdd5ab9549222e98a9d8c201777df1f3dda79c9c6be2e5ac67ec9c3eff506a0
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan