imminent | 8c6248232f3baf7fa15858674b0dabcd2da039ecfb20221b4e3c1d7142ba1e5b | Triage

Sharing

General

Target

8c6248232f3baf7fa15858674b0dabcd2da039ecfb20221b4e3c1d7142ba1e5b
Size

541KB
Sample

221126-b7fc8sch85
MD5

f692c41c0fc7101bfcf92d0672b51390
SHA1

f1ab2395241709115a3aab1cbddb14893f86ff22
SHA256

8c6248232f3baf7fa15858674b0dabcd2da039ecfb20221b4e3c1d7142ba1e5b
SHA512

9badc4051654f8d8e3f0ea808969b0ee70519825737fbb5835a3f28e43e1427c1b87a6aa1672859b6ecb60917c0f74cef4f4d4839d3c3b2988fd7fc9c6789a01
SSDEEP

12288:GLqXFm5azVB/YTVUWu0MGAtm8d37DGrTaGqKY:GmU5azVBgTVUGAkEHBV

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  8c6248232f3baf7fa15858674b0dabcd2da039ecfb20221b4e3c1d7142ba1e5b
- Size
  
  541KB
- MD5
  
  f692c41c0fc7101bfcf92d0672b51390
- SHA1
  
  f1ab2395241709115a3aab1cbddb14893f86ff22
- SHA256
  
  8c6248232f3baf7fa15858674b0dabcd2da039ecfb20221b4e3c1d7142ba1e5b
- SHA512
  
  9badc4051654f8d8e3f0ea808969b0ee70519825737fbb5835a3f28e43e1427c1b87a6aa1672859b6ecb60917c0f74cef4f4d4839d3c3b2988fd7fc9c6789a01
- SSDEEP
  
  12288:GLqXFm5azVB/YTVUWu0MGAtm8d37DGrTaGqKY:GmU5azVBgTVUGAkEHBV
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Drops file in Drivers directory
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan