imminent | 0010a6492931d0b45242791b9b653da9a751b8e87fac5256608e305f1442d5da | Triage

Sharing

General

Target

0010a6492931d0b45242791b9b653da9a751b8e87fac5256608e305f1442d5da
Size

1020KB
Sample

221123-aefmvshc6z
MD5

3b904dff601bf5636bf0cf926c79d532
SHA1

bc83cfc684e5fd7bf59d527e3a7240b406b213a3
SHA256

0010a6492931d0b45242791b9b653da9a751b8e87fac5256608e305f1442d5da
SHA512

59c39b7f25d570df6052c1cf6d1d097b2f4942969bdb62560fc28638f96660a261c14e71143f47bf77e283cc18889c380cb75f77fedf498caab1b083425271ca
SSDEEP

24576:/6bwzn5fiW3+NCLGNwDXn4mHod5nPR4hxD:/6EzFfwN6JgPR

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  0010a6492931d0b45242791b9b653da9a751b8e87fac5256608e305f1442d5da
- Size
  
  1020KB
- MD5
  
  3b904dff601bf5636bf0cf926c79d532
- SHA1
  
  bc83cfc684e5fd7bf59d527e3a7240b406b213a3
- SHA256
  
  0010a6492931d0b45242791b9b653da9a751b8e87fac5256608e305f1442d5da
- SHA512
  
  59c39b7f25d570df6052c1cf6d1d097b2f4942969bdb62560fc28638f96660a261c14e71143f47bf77e283cc18889c380cb75f77fedf498caab1b083425271ca
- SSDEEP
  
  24576:/6bwzn5fiW3+NCLGNwDXn4mHod5nPR4hxD:/6EzFfwN6JgPR
Score

10^/10

persistence imminent spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

imminentpersistencespywaretrojan