imminent | 57883a30d41054d605716570e460062e2b888179975d3fd6ff994e16520784b0 | Triage

Sharing

General

Target

57883a30d41054d605716570e460062e2b888179975d3fd6ff994e16520784b0
Size

471KB
Sample

221126-abrwqagd48
MD5

4782a845868ba3024b09fbe7a2cc1565
SHA1

58dc65980e71a2a87d35e44d0dc999b8e565b73e
SHA256

57883a30d41054d605716570e460062e2b888179975d3fd6ff994e16520784b0
SHA512

f83b8fd15a7f5bad18edcf37fcefc0d4656d6a91baf046fcad300359fdef7e93417e42bc2a295c319b28602197b704013589f44b2bb9133a83193f92bdf74de1
SSDEEP

6144:ZI/+0LEp/1OD09k+3Dh7TLowNb2TCdSr4Mc0YxDYWKIDzUxNWOcYbXOGTFp1v8:m/+0LEpNw+31LXNb2a6V2ETIkTWW/10

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  57883a30d41054d605716570e460062e2b888179975d3fd6ff994e16520784b0
- Size
  
  471KB
- MD5
  
  4782a845868ba3024b09fbe7a2cc1565
- SHA1
  
  58dc65980e71a2a87d35e44d0dc999b8e565b73e
- SHA256
  
  57883a30d41054d605716570e460062e2b888179975d3fd6ff994e16520784b0
- SHA512
  
  f83b8fd15a7f5bad18edcf37fcefc0d4656d6a91baf046fcad300359fdef7e93417e42bc2a295c319b28602197b704013589f44b2bb9133a83193f92bdf74de1
- SSDEEP
  
  6144:ZI/+0LEp/1OD09k+3Dh7TLowNb2TCdSr4Mc0YxDYWKIDzUxNWOcYbXOGTFp1v8:m/+0LEpNw+31LXNb2a6V2ETIkTWW/10
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan