imminent | b4ea3ca13bb72302d4928507a6c444dade36b1aaa86b86a809060b7f8701aa3a | Triage

Sharing

General

Target

b4ea3ca13bb72302d4928507a6c444dade36b1aaa86b86a809060b7f8701aa3a
Size

362KB
Sample

221127-slxttsbe6w
MD5

9a09740751f32e9035f5e16fb055f4a1
SHA1

4dc7a9063e8af9687526d9d0c24a2cb57e58e6d0
SHA256

b4ea3ca13bb72302d4928507a6c444dade36b1aaa86b86a809060b7f8701aa3a
SHA512

797468d551b4b5763082923fd1b00363dc5e98f84913faf3f8873539aa5dbb14c1775dc6676e18678bfbf97c0d7e9ba84cd48646803ad896a61bf3db13f32090
SSDEEP

6144:2DThhoW1IF+H/oBXIWOyHYp9103jgk99ytvHRJ0uTv+oXfOM:2Ph6WiFwoDTHy03h+tMuTGAfJ

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  b4ea3ca13bb72302d4928507a6c444dade36b1aaa86b86a809060b7f8701aa3a
- Size
  
  362KB
- MD5
  
  9a09740751f32e9035f5e16fb055f4a1
- SHA1
  
  4dc7a9063e8af9687526d9d0c24a2cb57e58e6d0
- SHA256
  
  b4ea3ca13bb72302d4928507a6c444dade36b1aaa86b86a809060b7f8701aa3a
- SHA512
  
  797468d551b4b5763082923fd1b00363dc5e98f84913faf3f8873539aa5dbb14c1775dc6676e18678bfbf97c0d7e9ba84cd48646803ad896a61bf3db13f32090
- SSDEEP
  
  6144:2DThhoW1IF+H/oBXIWOyHYp9103jgk99ytvHRJ0uTv+oXfOM:2Ph6WiFwoDTHy03h+tMuTGAfJ
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan