imminent | 18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99 | Triage

Submit
Reports

Overview

overview

Static

static

18ba16091b...99.exe

windows7-x64

18ba16091b...99.exe

windows10-2004-x64

Sharing

General

Target

18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99
Size

405KB
Sample

221122-xzq1nahf3z
MD5

adea0168ab27c1dbb40c289d63d8b958
SHA1

6e5f529d5aab2b05937806b47fb1add5649b5649
SHA256

18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99
SHA512

91238b6d06d3ee949e8833dcb8666b614a7ea3600bb3d5ae2a1512f5b370ac558fa188db9febf583b44fb040a3ac4ee56bab573d72d8d06b4f69e18fd966cb93
SSDEEP

6144:EZKND8j+AV9AnB7EqSpzFPygHeqpctlfSMXea:EZKNDrAV9tz5ygZIfaa

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99.exe

Resource

win7-20220812-en

imminent persistence spyware trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99.exe

Resource

win10v2004-20221111-en

imminent persistence spyware trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99
- Size
  
  405KB
- MD5
  
  adea0168ab27c1dbb40c289d63d8b958
- SHA1
  
  6e5f529d5aab2b05937806b47fb1add5649b5649
- SHA256
  
  18ba16091b39fff9e59f45f847beefddea16a298fd0b3947720c0eaf923aae99
- SHA512
  
  91238b6d06d3ee949e8833dcb8666b614a7ea3600bb3d5ae2a1512f5b370ac558fa188db9febf583b44fb040a3ac4ee56bab573d72d8d06b4f69e18fd966cb93
- SSDEEP
  
  6144:EZKND8j+AV9AnB7EqSpzFPygHeqpctlfSMXea:EZKNDrAV9tz5ygZIfaa
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy