imminent | 0bcb7bb58e454831ef2b3efcb7feed3038d95759e5774667c1cda7491560da51 | Triage

Sharing

General

Target

0bcb7bb58e454831ef2b3efcb7feed3038d95759e5774667c1cda7491560da51
Size

542KB
Sample

221126-b73tjada44
MD5

7aba5437319eaa21b342330cfb5a7df1
SHA1

e29f42a993a1c70b132ff2844d606166bb23322a
SHA256

0bcb7bb58e454831ef2b3efcb7feed3038d95759e5774667c1cda7491560da51
SHA512

327a09189970ab18ab6c0a3bfa91a32eff12b0f45640d2fce5436afe21f7d4105d6c0ab9f4d214df3ac71a8c7fa11952117e4812ebb6d043f8978917634b3a82
SSDEEP

6144:1lTfkyn+LWAsEekNs2P6/a0R2GnT7CXjmXLaRVTiKtUSzJoIX0sQ4lSys45yxxsU:1lTfkkiWH6so6OGT7aqX40S9/Zfs45j

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  0bcb7bb58e454831ef2b3efcb7feed3038d95759e5774667c1cda7491560da51
- Size
  
  542KB
- MD5
  
  7aba5437319eaa21b342330cfb5a7df1
- SHA1
  
  e29f42a993a1c70b132ff2844d606166bb23322a
- SHA256
  
  0bcb7bb58e454831ef2b3efcb7feed3038d95759e5774667c1cda7491560da51
- SHA512
  
  327a09189970ab18ab6c0a3bfa91a32eff12b0f45640d2fce5436afe21f7d4105d6c0ab9f4d214df3ac71a8c7fa11952117e4812ebb6d043f8978917634b3a82
- SSDEEP
  
  6144:1lTfkyn+LWAsEekNs2P6/a0R2GnT7CXjmXLaRVTiKtUSzJoIX0sQ4lSys45yxxsU:1lTfkkiWH6so6OGT7aqX40S9/Zfs45j
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Drops file in Drivers directory
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan