imminent | 087773f56ffc57bde5f318e3f3cd0419b864af7043381da9613e38526511c575 | Triage

Sharing

General

Target

087773f56ffc57bde5f318e3f3cd0419b864af7043381da9613e38526511c575
Size

287KB
Sample

221126-zlbd6adb75
MD5

0e2856684ad41c9801f7d8719b7aeb80
SHA1

0478271b0e26a38c4c1ad01ddc635c1371f82dd5
SHA256

087773f56ffc57bde5f318e3f3cd0419b864af7043381da9613e38526511c575
SHA512

56c8e2d9302fd9c388713ed801314851dbdf69739bdbead6225a919c69406ef587f57d1be61c40f5a7f4a343033c0c27bddd6ed5305c1ac815e68736bc96fb61
SSDEEP

6144:9mXnDMqHNvCuhGPo54B8FYuclgxadye0Bk8asGYo:94n1oGGPmbc4iABk8TR

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  087773f56ffc57bde5f318e3f3cd0419b864af7043381da9613e38526511c575
- Size
  
  287KB
- MD5
  
  0e2856684ad41c9801f7d8719b7aeb80
- SHA1
  
  0478271b0e26a38c4c1ad01ddc635c1371f82dd5
- SHA256
  
  087773f56ffc57bde5f318e3f3cd0419b864af7043381da9613e38526511c575
- SHA512
  
  56c8e2d9302fd9c388713ed801314851dbdf69739bdbead6225a919c69406ef587f57d1be61c40f5a7f4a343033c0c27bddd6ed5305c1ac815e68736bc96fb61
- SSDEEP
  
  6144:9mXnDMqHNvCuhGPo54B8FYuclgxadye0Bk8asGYo:94n1oGGPmbc4iABk8TR
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan