imminent | e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383 | Triage

Submit
Reports

Overview

overview

Static

static

e1aba93d8c...83.exe

windows7-x64

e1aba93d8c...83.exe

windows10-2004-x64

Sharing

General

Target

e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383
Size

272KB
Sample

221122-weew8afd3w
MD5

0a4e0d8d71fb3d1a7ec454cc3e09c65c
SHA1

7dc1fcb375cbcecfd489e1e757f12cb183070954
SHA256

e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383
SHA512

88758a08f21804dfd575ee1ec04213385002f74defb87d3ef60385c1cef42691efde7c3b047138d7eaf1f6d2239ad0ec4d8cbd84064a57611178e95f11790420
SSDEEP

6144:oP0yw0fdSPot1LzOojRY5z57J4nvENcRBbi1yctlnq:Ly2ot13plENJAvENcOoInq

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383.exe

Resource

win7-20220901-en

imminent persistence spyware trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383.exe

Resource

win10v2004-20221111-en

imminent persistence spyware trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383
- Size
  
  272KB
- MD5
  
  0a4e0d8d71fb3d1a7ec454cc3e09c65c
- SHA1
  
  7dc1fcb375cbcecfd489e1e757f12cb183070954
- SHA256
  
  e1aba93d8c34044712d4b53d0be73e6194cd96cbda4663d2bfcb274b74360383
- SHA512
  
  88758a08f21804dfd575ee1ec04213385002f74defb87d3ef60385c1cef42691efde7c3b047138d7eaf1f6d2239ad0ec4d8cbd84064a57611178e95f11790420
- SSDEEP
  
  6144:oP0yw0fdSPot1LzOojRY5z57J4nvENcRBbi1yctlnq:Ly2ot13plENJAvENcOoInq
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy