imminent | 44313461595aab5603003276a9afa3952987a1df3e9e774bb8caa65e9a4d9a1e | Triage

Sharing

General

Target

44313461595aab5603003276a9afa3952987a1df3e9e774bb8caa65e9a4d9a1e
Size

356KB
Sample

221126-slvpgaga2v
MD5

7b29d2bdf75a8c1470803aa389b7979e
SHA1

56d116e2812b87eecd652e57f0a1a461ce77db52
SHA256

44313461595aab5603003276a9afa3952987a1df3e9e774bb8caa65e9a4d9a1e
SHA512

af3efc650062e90366861a88750b8254796be876a3582c16762aeceb051bb601524b76ba14a42d002cb9ef487bdf6e4d2b5341114b724a26e457ebdad3560b23
SSDEEP

6144:e+2Z0zZGUlQqluuICq+XD2Xj0rHdjEL1FA1z7XiQzdH+m2QXotsZbnp:p2ZyZFJuiPDC45jQ1FA1z7XrzoFQo4p

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  44313461595aab5603003276a9afa3952987a1df3e9e774bb8caa65e9a4d9a1e
- Size
  
  356KB
- MD5
  
  7b29d2bdf75a8c1470803aa389b7979e
- SHA1
  
  56d116e2812b87eecd652e57f0a1a461ce77db52
- SHA256
  
  44313461595aab5603003276a9afa3952987a1df3e9e774bb8caa65e9a4d9a1e
- SHA512
  
  af3efc650062e90366861a88750b8254796be876a3582c16762aeceb051bb601524b76ba14a42d002cb9ef487bdf6e4d2b5341114b724a26e457ebdad3560b23
- SSDEEP
  
  6144:e+2Z0zZGUlQqluuICq+XD2Xj0rHdjEL1FA1z7XiQzdH+m2QXotsZbnp:p2ZyZFJuiPDC45jQ1FA1z7XrzoFQo4p
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan