imminent | 199c3d067000396f0eece639ae58da4a8fdf5107fa5be17d31edcaed13ade905 | Triage

Sharing

General

Target

199c3d067000396f0eece639ae58da4a8fdf5107fa5be17d31edcaed13ade905
Size

618KB
Sample

221124-dxpj9sea58
MD5

2ffee95ccd3b356cf8f08b845686739b
SHA1

4ca369f3e6457cbb11f0fc3ff8f2969ec7d4f81a
SHA256

199c3d067000396f0eece639ae58da4a8fdf5107fa5be17d31edcaed13ade905
SHA512

0ace2a3219759f93ac56f736f9168de82248dc826c32798c0ecbbba0ed73af5a53e47c8708c5a90618681a42ae4cce35e46c4c2d2ccf0af3ed4c90dcebbe32d8
SSDEEP

12288:MDEpkIjmJk/6Egnp4vVgyMqVQrmvJQ3jyAnWtzaAaRACygQmUIe2nH:1pB7/Lgki5ixCy/zaAaOhX2H

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  199c3d067000396f0eece639ae58da4a8fdf5107fa5be17d31edcaed13ade905
- Size
  
  618KB
- MD5
  
  2ffee95ccd3b356cf8f08b845686739b
- SHA1
  
  4ca369f3e6457cbb11f0fc3ff8f2969ec7d4f81a
- SHA256
  
  199c3d067000396f0eece639ae58da4a8fdf5107fa5be17d31edcaed13ade905
- SHA512
  
  0ace2a3219759f93ac56f736f9168de82248dc826c32798c0ecbbba0ed73af5a53e47c8708c5a90618681a42ae4cce35e46c4c2d2ccf0af3ed4c90dcebbe32d8
- SSDEEP
  
  12288:MDEpkIjmJk/6Egnp4vVgyMqVQrmvJQ3jyAnWtzaAaRACygQmUIe2nH:1pB7/Lgki5ixCy/zaAaOhX2H
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan