imminent | 12d0b3603ce81c1f27f0a07bf84c2df7e9218c74a543bf196758523babe09ee7 | Triage

Sharing

General

Target

12d0b3603ce81c1f27f0a07bf84c2df7e9218c74a543bf196758523babe09ee7
Size

555KB
Sample

221128-xw2yraaa67
MD5

6d68f07977eca88d827e0b9484c848f0
SHA1

8195c1ee1114a4867c53b7ea255890fa7a3eacac
SHA256

12d0b3603ce81c1f27f0a07bf84c2df7e9218c74a543bf196758523babe09ee7
SHA512

99f62cb0d6468c823568534c663acbcf49b195d7b4b1df85e252a3930cc70757b252a7b507b16ee7cfe60af6bf572a6d726006958b097205bcab96059e2f3624
SSDEEP

6144:daIpkJ0+Lf1CoKQvwlX5cF5MSEdOOmR9eY865azUuSchCe8bfAPEDFV4klFuPGcy:daImJ714h52MSEdOVO6Mb1Li/FV8u/

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  12d0b3603ce81c1f27f0a07bf84c2df7e9218c74a543bf196758523babe09ee7
- Size
  
  555KB
- MD5
  
  6d68f07977eca88d827e0b9484c848f0
- SHA1
  
  8195c1ee1114a4867c53b7ea255890fa7a3eacac
- SHA256
  
  12d0b3603ce81c1f27f0a07bf84c2df7e9218c74a543bf196758523babe09ee7
- SHA512
  
  99f62cb0d6468c823568534c663acbcf49b195d7b4b1df85e252a3930cc70757b252a7b507b16ee7cfe60af6bf572a6d726006958b097205bcab96059e2f3624
- SSDEEP
  
  6144:daIpkJ0+Lf1CoKQvwlX5cF5MSEdOOmR9eY865azUuSchCe8bfAPEDFV4klFuPGcy:daImJ714h52MSEdOVO6Mb1Li/FV8u/
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan