imminent | 5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad | Triage

Sharing

General

Target

5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad.exe
Size

354KB
Sample

240928-mbg3qszgmp
MD5

a728603061b5aa98fa40fb0447ba71e3
SHA1

ee0e249026d4ab18f34cb2c8670cb868a9bb03f6
SHA256

5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad
SHA512

9da43ec72f85557bf117cb4e6bf85b5233bee04ffd526233dc183d7a18e408f383009e7668e4a541ed31ca703bfed05e5b36dc30f3b5f7ae45cffab8b8811b89
SSDEEP

6144:VQq2fqS+L/IKCLbFstC9yJpinokDoP8KAOoVksPJ+can:V2f+L/eLb2qCtihj4

Score

10^/10

imminent discovery persistence spyware trojan

Malware Config

Targets

- Target
  
  5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad.exe
- Size
  
  354KB
- MD5
  
  a728603061b5aa98fa40fb0447ba71e3
- SHA1
  
  ee0e249026d4ab18f34cb2c8670cb868a9bb03f6
- SHA256
  
  5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad
- SHA512
  
  9da43ec72f85557bf117cb4e6bf85b5233bee04ffd526233dc183d7a18e408f383009e7668e4a541ed31ca703bfed05e5b36dc30f3b5f7ae45cffab8b8811b89
- SSDEEP
  
  6144:VQq2fqS+L/IKCLbFstC9yJpinokDoP8KAOoVksPJ+can:V2f+L/eLb2qCtihj4
Score

10^/10

imminent discovery persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentdiscoverypersistencespywaretrojan

behavioral2

imminentdiscoverypersistencespywaretrojan