Overview

overview

10

Static

static

1c06364242...6f.exe

windows7-x64

10

1c06364242...6f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f

  • Size

    541KB

  • Sample

    221127-t4exeaca59

  • MD5

    378a1bc54157f559dcd2d44a968aae8e

  • SHA1

    4c22a9396fcb85a7c84efab452bf4994ad0a8ded

  • SHA256

    1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f

  • SHA512

    917d5604c0f09f87857e54978f1dfb8e9313881393fa1da4101606968747c1e764016b82adf758b12653e11b83032eb1dbc5383258fc498f5058e4e972ee356b

  • SSDEEP

    12288:YR2siYxfXbvBv7LNN5BMR6TpEQy94Cj9jXUxgs:YRl5tXbvNz5e6TvCj9jXU2s

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Targets

    • Target

      1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f

    • Size

      541KB

    • MD5

      378a1bc54157f559dcd2d44a968aae8e

    • SHA1

      4c22a9396fcb85a7c84efab452bf4994ad0a8ded

    • SHA256

      1c06364242025d376588209d7696b2a7d30b7dc821dce8e6e97765199022c96f

    • SHA512

      917d5604c0f09f87857e54978f1dfb8e9313881393fa1da4101606968747c1e764016b82adf758b12653e11b83032eb1dbc5383258fc498f5058e4e972ee356b

    • SSDEEP

      12288:YR2siYxfXbvBv7LNN5BMR6TpEQy94Cj9jXUxgs:YRl5tXbvNz5e6TvCj9jXU2s

    Score
    10/10
    imminentpersistencespywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Modifies WinLogon for persistence

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks