imminent | 1f73572a11cd21dbe0bbbc1f736f19fcab13db4efe5322fe3eaf0fe6a0c7e7f1 | Triage

Sharing

General

Target

1f73572a11cd21dbe0bbbc1f736f19fcab13db4efe5322fe3eaf0fe6a0c7e7f1
Size

357KB
Sample

221124-crmm2sbb92
MD5

52ef20f51eab8d68ad97088fae37d354
SHA1

0abd3396f7d2f0527fe1acf0d52ed0dfbc9f2f84
SHA256

1f73572a11cd21dbe0bbbc1f736f19fcab13db4efe5322fe3eaf0fe6a0c7e7f1
SHA512

1fe2702d320143fca982c75c0ec362f04b509a3b767925afe9960fb7768cc0ad3e5cc820ca8b8ecba712e06719cb3f31e6059e5d0c5d88cb8b96678555dd0704
SSDEEP

6144:EvLJuABAxe3bfwy0rBgyBOx2o2l745Bh/uio8RsMJP5ltgNCn5nXO:EvluzTy0ayQAl45Bv9hK

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  1f73572a11cd21dbe0bbbc1f736f19fcab13db4efe5322fe3eaf0fe6a0c7e7f1
- Size
  
  357KB
- MD5
  
  52ef20f51eab8d68ad97088fae37d354
- SHA1
  
  0abd3396f7d2f0527fe1acf0d52ed0dfbc9f2f84
- SHA256
  
  1f73572a11cd21dbe0bbbc1f736f19fcab13db4efe5322fe3eaf0fe6a0c7e7f1
- SHA512
  
  1fe2702d320143fca982c75c0ec362f04b509a3b767925afe9960fb7768cc0ad3e5cc820ca8b8ecba712e06719cb3f31e6059e5d0c5d88cb8b96678555dd0704
- SSDEEP
  
  6144:EvLJuABAxe3bfwy0rBgyBOx2o2l745Bh/uio8RsMJP5ltgNCn5nXO:EvluzTy0ayQAl45Bv9hK
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan