imminent | 9ad899013d0ef0e645f6e542ac132a9cc4f81882555e52dc6f8baa8f6003a0f8 | Triage

Sharing

General

Target

9ad899013d0ef0e645f6e542ac132a9cc4f81882555e52dc6f8baa8f6003a0f8
Size

544KB
Sample

221126-nwnxfsbf87
MD5

50c2311c1a23abffa92400be91636d3d
SHA1

307eb527c1959715200b5feddb974061b53d95d1
SHA256

9ad899013d0ef0e645f6e542ac132a9cc4f81882555e52dc6f8baa8f6003a0f8
SHA512

b34c5cb18b5aeefef8aa8ef78d8f1e7405e54d0b360c245eccf238686df49146b40e3ea6d85315aadea0c6736ec95732d988d3bc4166c0d9cf2767b76cfc0732
SSDEEP

12288:JR3NywK49G8JoeBFg5q1hw9Eogo++wlj7rjYFwOKf/wTdN:JR3NywK49hJLW5qU9Ey+rv/OKf/+

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  9ad899013d0ef0e645f6e542ac132a9cc4f81882555e52dc6f8baa8f6003a0f8
- Size
  
  544KB
- MD5
  
  50c2311c1a23abffa92400be91636d3d
- SHA1
  
  307eb527c1959715200b5feddb974061b53d95d1
- SHA256
  
  9ad899013d0ef0e645f6e542ac132a9cc4f81882555e52dc6f8baa8f6003a0f8
- SHA512
  
  b34c5cb18b5aeefef8aa8ef78d8f1e7405e54d0b360c245eccf238686df49146b40e3ea6d85315aadea0c6736ec95732d988d3bc4166c0d9cf2767b76cfc0732
- SSDEEP
  
  12288:JR3NywK49G8JoeBFg5q1hw9Eogo++wlj7rjYFwOKf/wTdN:JR3NywK49hJLW5qU9Ey+rv/OKf/+
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan