imminent | d4c284ac85b32284010fa7129709f7c29ba0c6ff7beeb0cbd1a52da3c43631a3 | Triage

Sharing

General

Target

d4c284ac85b32284010fa7129709f7c29ba0c6ff7beeb0cbd1a52da3c43631a3
Size

616KB
Sample

221126-s9qenaef83
MD5

c8577fe52013e70673c5d793da43194d
SHA1

e13ace6b4d32e340f9219431e996ca395631b122
SHA256

d4c284ac85b32284010fa7129709f7c29ba0c6ff7beeb0cbd1a52da3c43631a3
SHA512

1063f7b25f82d0dc2d2a27da5c5130e5ad04b1d8bc7e798f7d953b080c951f7df552d4563f5650ab18bd1b4aa20571fbb76670ff41519b2bb32c76e87849445b
SSDEEP

12288:SpodR/4DyEDgKDr3vhja4sVJdVfeUR4+WSsTdSKel7EOYCAmBeCeezee:HRAWVsr/GVS+W5SKelHA

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  d4c284ac85b32284010fa7129709f7c29ba0c6ff7beeb0cbd1a52da3c43631a3
- Size
  
  616KB
- MD5
  
  c8577fe52013e70673c5d793da43194d
- SHA1
  
  e13ace6b4d32e340f9219431e996ca395631b122
- SHA256
  
  d4c284ac85b32284010fa7129709f7c29ba0c6ff7beeb0cbd1a52da3c43631a3
- SHA512
  
  1063f7b25f82d0dc2d2a27da5c5130e5ad04b1d8bc7e798f7d953b080c951f7df552d4563f5650ab18bd1b4aa20571fbb76670ff41519b2bb32c76e87849445b
- SSDEEP
  
  12288:SpodR/4DyEDgKDr3vhja4sVJdVfeUR4+WSsTdSKel7EOYCAmBeCeezee:HRAWVsr/GVS+W5SKelHA
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan