imminent | 5dd36835379dc8533536feba936e84040f665cbe1b4c00e35ff348580800b3da | Triage

Sharing

General

Target

5dd36835379dc8533536feba936e84040f665cbe1b4c00e35ff348580800b3da
Size

314KB
Sample

221127-aj85zaae61
MD5

718bab4a60dec28a9292b575d2cc6735
SHA1

d85830153d995c00921002c75ba4318905d3ed19
SHA256

5dd36835379dc8533536feba936e84040f665cbe1b4c00e35ff348580800b3da
SHA512

3bf19a84327ad879a71bf3db1bce813727f8fcb3b8b7f695a216ca5a810d18d39df0ca479aa658e025d9be34b4ef44e5b5ab537e9dad034ab4e6531938f10359
SSDEEP

6144:mmzinkuiOksXZw1r0AKPG9bUDEVyaTcUvagYPPctGFePRvoyG16/Nw:mmzHuiOk2Zw1r5KPcbRTN9+ctGFePRAB

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  Vídeo pra ti linda.exe
- Size
  
  436KB
- MD5
  
  564588d16ce970daed4c7ab47586a3cd
- SHA1
  
  6ced2688bf14f9a2100fa9fed373463e22a44197
- SHA256
  
  840cd90d14a700e56a4ea5e918afe6403ccb83a42ffa694fe4d67a98346d6a41
- SHA512
  
  7e95d146534b5c21b788f18f69b7017a9e32003d1272cf03e0ac95f5fa374416b1ff0626fb25a0aea74ae8f8df48ae2dba58b17274c51b2a342147aff81383f8
- SSDEEP
  
  6144:we5gYGeytpBD/sMd6Qh/r/wHpj17C/d0dw2U2O35h5pIntBy2bk/RmNcG+U1XHNp:wfYGey36iwJjVvt1O3H5StBzwpsX
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan