imminent | f46ce7a09f1f7a18ac7654aae603881b610c60ccae8ce1dfeabf48311aa4c7a1 | Triage

Sharing

General

Target

477452a05820a5412b7776fb9e1f9deba37f505c60b6826fd5f19815c18b2aec.zip
Size

316KB
Sample

240119-k358jabed7
MD5

c40d84ab5518f074d9d34d6190f66508
SHA1

997214867a49b9faa20d8da0724c81a8dfec5042
SHA256

f46ce7a09f1f7a18ac7654aae603881b610c60ccae8ce1dfeabf48311aa4c7a1
SHA512

33d320d9569ba03fd00da9e880212708b2f94b7525e49d42982af469cae1a3f42e32ed801c689005410cc1b9b8f55b7c19cd9b1ee61d1c9902bcde3e3ad5480b
SSDEEP

6144:uexjHbluj7cIyTzuDzC5Yr9t/wWU20V3uh5q9Na6Bs1cMBP7IXynjlHrr:nh7lQWODzKYrr/rX0V+y9xBs1ZxRj5v

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  477452a05820a5412b7776fb9e1f9deba37f505c60b6826fd5f19815c18b2aec
- Size
  
  322KB
- MD5
  
  59ac350b071b6fac37ca371be5fb0146
- SHA1
  
  95439872f36d6822191fa3a79a8214149b22013d
- SHA256
  
  477452a05820a5412b7776fb9e1f9deba37f505c60b6826fd5f19815c18b2aec
- SHA512
  
  8eb3cab09d4e479159f9ba28425f25adcc5221dfa4407f137cbe9d6aeb4d0b7a383e311ac2d3c4cf18e55dd69e8f163324cdfa5598069e77aef71a9430638c6f
- SSDEEP
  
  6144:td0Xed7HqjyeJbmfKRLtamCg8NiijKkmFTOwwRznwFl3h3vSv:td0XeUdJbmfwJamCg8HGLCOD
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan