imminent | 17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e | Triage

Submit
Reports

Overview

overview

Static

static

17f10fac1f...4e.exe

windows7-x64

17f10fac1f...4e.exe

windows10-2004-x64

Sharing

General

Target

17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e
Size

271KB
Sample

221126-xmy6hafh52
MD5

0d9872faa1d16415b0185bc4f58ea34d
SHA1

c0373bec05812cc8887e4e762a0b355342195639
SHA256

17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e
SHA512

e07ef475347c80689fe06c117c5019f682303f2e6bcea2dcabb589fa7391fea857df9a4140dd508345a8433662b5e1b321ce937802f5f3f9149b49f615f7fb9d
SSDEEP

6144:CV92MnB1bCmlOwI3GdZHM+oEs5JDvdyGX8ctlD+:0FPYwsGfs+or5J6ID+

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e.exe

Resource

win7-20221111-en

imminent persistence spyware trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e.exe

Resource

win10v2004-20221111-en

imminent persistence spyware trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e
- Size
  
  271KB
- MD5
  
  0d9872faa1d16415b0185bc4f58ea34d
- SHA1
  
  c0373bec05812cc8887e4e762a0b355342195639
- SHA256
  
  17f10fac1f728312eb781c8aef416da314eba5fdc9d37423ab0684c5340b414e
- SHA512
  
  e07ef475347c80689fe06c117c5019f682303f2e6bcea2dcabb589fa7391fea857df9a4140dd508345a8433662b5e1b321ce937802f5f3f9149b49f615f7fb9d
- SSDEEP
  
  6144:CV92MnB1bCmlOwI3GdZHM+oEs5JDvdyGX8ctlD+:0FPYwsGfs+or5J6ID+
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.