imminent | df9b5c3d58393807277d0951d5addfd7a75eab2cf870610748732cb5515ee282 | Triage

Sharing

General

Target

df9b5c3d58393807277d0951d5addfd7a75eab2cf870610748732cb5515ee282
Size

508KB
Sample

241102-tvaakaygpe
MD5

8d9f065aba1ed7a30073bec0df1d7f03
SHA1

694379f4a8d389cc38506745789fa94c2a0e3629
SHA256

df9b5c3d58393807277d0951d5addfd7a75eab2cf870610748732cb5515ee282
SHA512

6066630868ba509d7c48cce46e4d7598bd90c1e9423592f65ea87a846ed01b3b0f90708d15b61069417fb09450bcc570139a8e632754ab2036ff969e6d635f09
SSDEEP

12288:UY7/675KjZoaaDr6DdYS228E6gAblG6+lH:uMjZL/DHB8vni

Score

10^/10

imminent discovery persistence spyware trojan

Malware Config

Targets

- Target
  
  df9b5c3d58393807277d0951d5addfd7a75eab2cf870610748732cb5515ee282
- Size
  
  508KB
- MD5
  
  8d9f065aba1ed7a30073bec0df1d7f03
- SHA1
  
  694379f4a8d389cc38506745789fa94c2a0e3629
- SHA256
  
  df9b5c3d58393807277d0951d5addfd7a75eab2cf870610748732cb5515ee282
- SHA512
  
  6066630868ba509d7c48cce46e4d7598bd90c1e9423592f65ea87a846ed01b3b0f90708d15b61069417fb09450bcc570139a8e632754ab2036ff969e6d635f09
- SSDEEP
  
  12288:UY7/675KjZoaaDr6DdYS228E6gAblG6+lH:uMjZL/DHB8vni
Score

10^/10

imminent discovery persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Imminent family
  imminent
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentdiscoverypersistencespywaretrojan

behavioral2

imminentdiscoverypersistencespywaretrojan