imminent | eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7 | Triage

Submit
Reports

Overview

overview

Static

static

eae8ccac6a...e7.exe

windows7-x64

eae8ccac6a...e7.exe

windows10-2004-x64

Sharing

General

Target

eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7
Size

272KB
Sample

221127-h2kjbshb43
MD5

e28a329c001b6bff0d25d825214acf98
SHA1

bee957bf0288e1c424da07b934b8394364cdfe77
SHA256

eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7
SHA512

5cff7293ef71dd0493cbc3ab4564d1b012bca0d165817ed48135f27f78b6c4787d00c3c4bc0a43ff64007be1c14b806791f82710aff97902741b4670b0b083d8
SSDEEP

6144:RbDepdSVkuz8TQMHNcaZuhODxbEpEEgl9tfHhX0rCctlp:8dSVkuwTQMH5ZuaamlrJXnI

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7.exe

Resource

win7-20221111-en

imminent persistence spyware trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7.exe

Resource

win10v2004-20221111-en

imminent persistence spyware trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7
- Size
  
  272KB
- MD5
  
  e28a329c001b6bff0d25d825214acf98
- SHA1
  
  bee957bf0288e1c424da07b934b8394364cdfe77
- SHA256
  
  eae8ccac6a821dd8197f5de385fbc0df6b701df3f713a70436e9ab74d430c7e7
- SHA512
  
  5cff7293ef71dd0493cbc3ab4564d1b012bca0d165817ed48135f27f78b6c4787d00c3c4bc0a43ff64007be1c14b806791f82710aff97902741b4670b0b083d8
- SSDEEP
  
  6144:RbDepdSVkuz8TQMHNcaZuhODxbEpEEgl9tfHhX0rCctlp:8dSVkuwTQMH5ZuaamlrJXnI
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy