imminent | e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

e352336170...62.exe

windows7-x64

e352336170...62.exe

windows10-2004-x64

Sharing

General

Target

e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62
Size

481KB
Sample

221130-tl9dasef74
MD5

b9b314fc245634b5230eea2736c24959
SHA1

1ef8f02c5a60a70d88b79d263a1646b4c9ef9815
SHA256

e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62
SHA512

dd4fb8f45480b9591140e4e813add30bad1c8eab3ccadfd00e3d5e4c05e36170c4345e2af52b5b332bdb9145c594b867199899ace2f0712178f3e88e494172a8
SSDEEP

6144:JXjbNpPRMx8hU9K+SRhj+dBsWHuKCRnNrMmv1IH/V0MgraPWGuLfcwSpb1H78i+L:+NikBsKPVZwa+2J7p55UbEy

Score

10^/10

imminent persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62.exe

Resource

win7-20220812-en

imminent persistence spyware trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62.exe

Resource

win10v2004-20220812-en

imminent persistence spyware trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62
- Size
  
  481KB
- MD5
  
  b9b314fc245634b5230eea2736c24959
- SHA1
  
  1ef8f02c5a60a70d88b79d263a1646b4c9ef9815
- SHA256
  
  e352336170b56831ba5768ec6af2ae592abc72398d98f0c1a9a53773e2878a62
- SHA512
  
  dd4fb8f45480b9591140e4e813add30bad1c8eab3ccadfd00e3d5e4c05e36170c4345e2af52b5b332bdb9145c594b867199899ace2f0712178f3e88e494172a8
- SSDEEP
  
  6144:JXjbNpPRMx8hU9K+SRhj+dBsWHuKCRnNrMmv1IH/V0MgraPWGuLfcwSpb1H78i+L:+NikBsKPVZwa+2J7p55UbEy
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.