imminent | 4762b3698567f6ca4476b7efda3c9c8aac61b9d3123d67cd2379d8dbfcd8ebff | Triage

Submit
Reports

Overview

overview

Static

static

Atualizaç....3.exe

windows7-x64

Atualizaç....3.exe

windows10-2004-x64

Sharing

General

Target

4762b3698567f6ca4476b7efda3c9c8aac61b9d3123d67cd2379d8dbfcd8ebff
Size

605KB
Sample

221127-mjebtaac85
MD5

10d50f6d602c7226059e474446961752
SHA1

762085efb1976770d0030ece0df8c45bc70e7b13
SHA256

4762b3698567f6ca4476b7efda3c9c8aac61b9d3123d67cd2379d8dbfcd8ebff
SHA512

6e1ab1a48b9c476d030b2f4a62512e16a05d94c9bddac35043d936c217028f979ec7b8ac9ceacfcadf773ceabc3b7fcde1d1bc3aa2c1415c5b17be71428ef980
SSDEEP

12288:GUqGjCSIzDzzXRZCasVJpxmRDdnDRU08hAFhiU7ENld7A2mhJB2MVq:GUqiGnzXRZh+pkRDhSAjQd3mhTtq

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Atualização UPF n. 2.2.0.3.exe

Resource

win7-20220812-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Atualização UPF n. 2.2.0.3.exe

Resource

win10v2004-20220812-en

imminent persistence spyware trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Atualização UPF n. 2.2.0.3.exe
- Size
  
  1.0MB
- MD5
  
  2401765178074a5b2f7aa40df5d5eb9b
- SHA1
  
  f51da992a5c9c6980223c9fbc39b1175abb3d8d0
- SHA256
  
  4622a83bb4d5b4e7d8e0ea963c927f9a900adb62bc1ab0263409e03d91a59eee
- SHA512
  
  af00476c5571281b1b1028b267bf70a28d00bcbc181aa8b422249dfabcf68d127795d15780321cba3c04e606742e33c2847143b359728bb0cdc0a7cff5cc8e25
- SSDEEP
  
  12288:vUOyMQXOm6Qx7701919qSyVgEHObxxvN8owF3mNpeod8Cw7KZkFkF4:vPlQXf6Qxv0pkhLOdxvNB+ibwWZS
Score

10^/10

persistence imminent spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy