imminent | 1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f | Triage

Sharing

General

Target

1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f
Size

541KB
Sample

221127-t4exeaca59
MD5

378a1bc54157f559dcd2d44a968aae8e
SHA1

4c22a9396fcb85a7c84efab452bf4994ad0a8ded
SHA256

1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f
SHA512

917d5604c0f09f87857e54978f1dfb8e9313881393fa1da4101606968747c1e764016b82adf758b12653e11b83032eb1dbc5383258fc498f5058e4e972ee356b
SSDEEP

12288:YR2siYxfXbvBv7LNN5BMR6TpEQy94Cj9jXUxgs:YRl5tXbvNz5e6TvCj9jXU2s

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f
- Size
  
  541KB
- MD5
  
  378a1bc54157f559dcd2d44a968aae8e
- SHA1
  
  4c22a9396fcb85a7c84efab452bf4994ad0a8ded
- SHA256
  
  1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f
- SHA512
  
  917d5604c0f09f87857e54978f1dfb8e9313881393fa1da4101606968747c1e764016b82adf758b12653e11b83032eb1dbc5383258fc498f5058e4e972ee356b
- SSDEEP
  
  12288:YR2siYxfXbvBv7LNN5BMR6TpEQy94Cj9jXUxgs:YRl5tXbvNz5e6TvCj9jXU2s
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Modifies WinLogon for persistence
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan