imminent | 4faf2528e5611bfd26b359408eed8715289a3e628c2d5bfe6a000f350066dffe | Triage

Sharing

General

Target

4faf2528e5611bfd26b359408eed8715289a3e628c2d5bfe6a000f350066dffe
Size

607KB
Sample

221122-xh5gqadd92
MD5

91a9d2b0e956318e7cbcf05f9681f7c4
SHA1

2e3780b19b67351fb02027656549addb8d0836af
SHA256

4faf2528e5611bfd26b359408eed8715289a3e628c2d5bfe6a000f350066dffe
SHA512

a4545e344bf106b30e61d69deaa40b4181149ea94340dcd72287b4b7803ce95a129e4c91a9e87eae4cc6bc1172785c78a5139060625258ad559ee9e12aaff6e7
SSDEEP

12288:zpaDulO2GU6YvurtyjPYr9Jp0LiiW8QdOn9VbtFC78qADbU1Z:zkDyO2p2gjgJULuzon/JFCwqAPC

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  4faf2528e5611bfd26b359408eed8715289a3e628c2d5bfe6a000f350066dffe
- Size
  
  607KB
- MD5
  
  91a9d2b0e956318e7cbcf05f9681f7c4
- SHA1
  
  2e3780b19b67351fb02027656549addb8d0836af
- SHA256
  
  4faf2528e5611bfd26b359408eed8715289a3e628c2d5bfe6a000f350066dffe
- SHA512
  
  a4545e344bf106b30e61d69deaa40b4181149ea94340dcd72287b4b7803ce95a129e4c91a9e87eae4cc6bc1172785c78a5139060625258ad559ee9e12aaff6e7
- SSDEEP
  
  12288:zpaDulO2GU6YvurtyjPYr9Jp0LiiW8QdOn9VbtFC78qADbU1Z:zkDyO2p2gjgJULuzon/JFCwqAPC
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan