imminent | 3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0 | Triage

Submit
Reports

Overview

overview

Static

static

3c3557d4bc...e0.exe

windows7_x64

3c3557d4bc...e0.exe

windows10-2004_x64

Sharing

General

Target

3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0
Size

651KB
Sample

220703-j5vn5sdgh5
MD5

3a4603408b7f9cf81b35e35098333d47
SHA1

f78f6215dea5ecb2168b9b122e976e4a936a6ea0
SHA256

3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0
SHA512

5ba5bd6ace28cbdd8bb56c3f6b8490110ef903f8aae39583bb36195095796d429e6ed238971a6ad9fc8b25ee2a9f563ddb0a4c902f4ede5f4ecd1d626c0c17e9

Score

10^/10

imminent agilenet spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0.exe

Resource

win7-20220414-en

imminent agilenet spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0.exe

Resource

win10v2004-20220414-en

imminent spyware trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0
- Size
  
  651KB
- MD5
  
  3a4603408b7f9cf81b35e35098333d47
- SHA1
  
  f78f6215dea5ecb2168b9b122e976e4a936a6ea0
- SHA256
  
  3c3557d4bcad650d784053c1b8cb81e94045a5c9bfca6c2c4af2546b353589e0
- SHA512
  
  5ba5bd6ace28cbdd8bb56c3f6b8490110ef903f8aae39583bb36195095796d429e6ed238971a6ad9fc8b25ee2a9f563ddb0a4c902f4ede5f4ecd1d626c0c17e9
Score

10^/10

imminent agilenet spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentagilenetspywaretrojan

behavioral2

imminentspywaretrojan

© 2018-2025

Terms | Privacy