imminent | 97f02dd573bd2ad8b76c3c69b6c52f4cb6372e1fd6c37f9e13d9a0532dc5c5b9 | Triage

Sharing

General

Target

97f02dd573bd2ad8b76c3c69b6c52f4cb6372e1fd6c37f9e13d9a0532dc5c5b9
Size

758KB
Sample

220609-qjzvasgdgl
MD5

e770a4fbada35417fb5f021353c22d55
SHA1

5a2c96330be7bfed17de9573ccbdd3b3109b359a
SHA256

97f02dd573bd2ad8b76c3c69b6c52f4cb6372e1fd6c37f9e13d9a0532dc5c5b9
SHA512

390d2799f1506076ef7ca88e1bc19ebdbbbf3c262ef32b2b99f471f38d58dccab84781c3c8222135ebab69529020975f55fe777a1f0a23c3936e8966ef4782a4

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  97f02dd573bd2ad8b76c3c69b6c52f4cb6372e1fd6c37f9e13d9a0532dc5c5b9
- Size
  
  758KB
- MD5
  
  e770a4fbada35417fb5f021353c22d55
- SHA1
  
  5a2c96330be7bfed17de9573ccbdd3b3109b359a
- SHA256
  
  97f02dd573bd2ad8b76c3c69b6c52f4cb6372e1fd6c37f9e13d9a0532dc5c5b9
- SHA512
  
  390d2799f1506076ef7ca88e1bc19ebdbbbf3c262ef32b2b99f471f38d58dccab84781c3c8222135ebab69529020975f55fe777a1f0a23c3936e8966ef4782a4
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan