imminent | e6983c0dc51db375e0748d9df52c02100cf6ab3b4a04cc9576c66b880d9e5850 | Triage

Sharing

General

Target

e6983c0dc51db375e0748d9df52c02100cf6ab3b4a04cc9576c66b880d9e5850
Size

652KB
Sample

221127-az9rfabf2z
MD5

855bf0bed431ccbde5aad7648372d376
SHA1

4d873d0ebc725a074f3f921585367d646c78dec2
SHA256

e6983c0dc51db375e0748d9df52c02100cf6ab3b4a04cc9576c66b880d9e5850
SHA512

78a1f68ad06bbdd6f8fd7e0661bbce1b4543b01a64830d745199116cd51744a690d45d8dda0b2d87bbfefda903aa00b80d5867e5db9e719e3fb582f94503604f
SSDEEP

12288:qF2KRbrlXCmemeR6GH6ZwKDKD97s9I/BLQLSu1Oc7m3CNBR5Y:FycmemewzZwKDKD97DSL1myB

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  e6983c0dc51db375e0748d9df52c02100cf6ab3b4a04cc9576c66b880d9e5850
- Size
  
  652KB
- MD5
  
  855bf0bed431ccbde5aad7648372d376
- SHA1
  
  4d873d0ebc725a074f3f921585367d646c78dec2
- SHA256
  
  e6983c0dc51db375e0748d9df52c02100cf6ab3b4a04cc9576c66b880d9e5850
- SHA512
  
  78a1f68ad06bbdd6f8fd7e0661bbce1b4543b01a64830d745199116cd51744a690d45d8dda0b2d87bbfefda903aa00b80d5867e5db9e719e3fb582f94503604f
- SSDEEP
  
  12288:qF2KRbrlXCmemeR6GH6ZwKDKD97s9I/BLQLSu1Oc7m3CNBR5Y:FycmemewzZwKDKD97DSL1myB
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan