imminent | 78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157 | Triage

Submit
Reports

Overview

overview

Static

static

78258cd30b...57.exe

windows7-x64

78258cd30b...57.exe

windows10-2004-x64

Sharing

General

Target

78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157
Size

293KB
Sample

221019-2falsabcgq
MD5

5090efbff6669644e61b70a6614e53b0
SHA1

eac8dc59f54f265fa2e71a265c42299f34378034
SHA256

78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157
SHA512

ed8dc4df183e89fadaf2691a74822ee225893891a413164a9539c50da1fbcfdfd3b3b3fe497d31830d09e8eaa3bad1ef21d275ab56fa47a374a1a784c4d8ae49
SSDEEP

6144:bpJXZO9tcfeMV8vOOrrN051yp2p6FEgN/hVvJy44ALvremUYDQctl:bP1feGIN054b5/vJyF0remUTI

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157.exe

Resource

win7-20220901-en

imminent persistence spyware trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157.exe

Resource

win10v2004-20220901-en

imminent persistence spyware trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157
- Size
  
  293KB
- MD5
  
  5090efbff6669644e61b70a6614e53b0
- SHA1
  
  eac8dc59f54f265fa2e71a265c42299f34378034
- SHA256
  
  78258cd30bee8c94d94b4835d991c04c5a86b991eb6b25e38fb2835874010157
- SHA512
  
  ed8dc4df183e89fadaf2691a74822ee225893891a413164a9539c50da1fbcfdfd3b3b3fe497d31830d09e8eaa3bad1ef21d275ab56fa47a374a1a784c4d8ae49
- SSDEEP
  
  6144:bpJXZO9tcfeMV8vOOrrN051yp2p6FEgN/hVvJy44ALvremUYDQctl:bP1feGIN054b5/vJyF0remUTI
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy