imminent | 2c5a372bed4212a73627ec35e5dcab998a41b9e6361364166531d0ca9a708ed4

Sharing

Copy URL

Twitter E-mail

General

Target

imminent.rar
Size

2.6MB
Sample

241208-qfpvxsvjex
MD5

f5ab63dea30a9aff6eeab3b09c42b615
SHA1

27fdd5262e7ab344ac92d31316c2ecafc18cbe4f
SHA256

2c5a372bed4212a73627ec35e5dcab998a41b9e6361364166531d0ca9a708ed4
SHA512

40cf1ff8de3cb7aae067e33dd602a5aaee71da96184a95235e09bda4c3c777a0944653d68c650591d1dd4857b19948c10eea43284f6c5f90eef4c2fe46a0c4ab
SSDEEP

49152:eLJIygRcJrkeSw0gtrgHzI+DodiYIIthEa1z5h69ICBBfBax4pnU1fvMm9RMrd:eLJuRckIxgThovIIjEaBH693ox4NUlUx

Score

10^/10

Malware Config

Targets

- Target
  
  Nueva carpeta/ClientPlugin.dll
- Size
  
  16KB
- MD5
  
  2b02de4647260361b18de39df5af1ac6
- SHA1
  
  9962edeef532d66c41d7f4124b865b3c843a5ee2
- SHA256
  
  94e757aaf2f333d53eb0dd4f941fbd445d36fc27383201d60b3c1073cac20ec1
- SHA512
  
  ac0e358f3796b79dd0ebe8bfee90cf707631f88eaff17b14f52d40907391f37b5b0799efe1d026b6891b13b4be1d5c57d85ec94b865549bab45c3484a74a3cd2
- SSDEEP
  
  48:6QCPmB8+bNJdC6PSeFL+uJmkWuzHTb8NLaCCyAul7J6FHWIDp6:YPmBldCiSeF0sbvJ6p2WI
Score

1^/10
behavioral1 behavioral2
- Target
  
  Nueva carpeta/Imminent Monitor.exe
- Size
  
  300KB
- MD5
  
  ebc3d684263f675195579880a1f4635b
- SHA1
  
  aa3ae071ad15e32e177f5625e2928933e99fef53
- SHA256
  
  5db60f1ca25c6e7486fa6225cdf3e822cdfbac91321c5aabc4a1686eac0057d6
- SHA512
  
  90ff436c9b098b0a75da84047097dd2d0a7f8d2bf4a7405db8148a26fd5e7124a8326c0772026a00958a4382d415cba880144069f0e30226985070f9424e8601
- SSDEEP
  
  6144:2g13b5v1SgMt1zPTG5cN5L4ghzsuEPN1aDyjHWA6d:2obB3MbzPTGOXL4wzs1auKA6
Score

10^/10

imminent discovery persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Imminent family
  imminent
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral3 behavioral4
- Target
  
  Nueva carpeta/LZLoader.dll
- Size
  
  9KB
- MD5
  
  f93937b67a4a89ef91e122ddd30bb35c
- SHA1
  
  639378443c4d21130eecd653b9e3b18d8116a10a
- SHA256
  
  0245467395e61c0e873612f38705e47a4b72acaaf0a3ba02ee65b20470488825
- SHA512
  
  d65d2e7cf8d22a4fd80ad915f5a9dd9e689ab854fe646a6493a79959ca4f8666e3de734ec62befb81b16140e6426ce45f7f95159e54911c6bfe39f57768f83fc
- SSDEEP
  
  192:YTMCusNiWrELdAi1Qo3DygImXwKe9Hv9iGDVugbQ8xO:YwOiWrE4stIu7eFvDDVHkYO
Score

1^/10
behavioral5 behavioral6
- Target
  
  Nueva carpeta/PluginCompiler.exe
- Size
  
  123KB
- MD5
  
  6c2242c5e7dbb27604ab8589e6aeab59
- SHA1
  
  f11ad59179a529dcbe4e784230b44c5c5a375ab4
- SHA256
  
  7c89eff22f5c9833ba989a2e76c1e8eec608733385333b0f54e53c4bf170ad3d
- SHA512
  
  3dc3a24d89eafecf3d16a78e83e26df49f38849b1d13705c2848e40e2b8233378dcd952f296d8aa45d218b689a1568db8f099fff2204b2fbc30e2ebf6e4917ca
- SSDEEP
  
  1536:1eEG32q4waCrk0H3rXSAYqTD56Zw+cas71X3qrN7Lij35I:1VG3EwauSS5+cas71X3qrN7L03q
Score

1^/10
behavioral7 behavioral8
- Target
  
  Nueva carpeta/ServerPlugin.dll
- Size
  
  17KB
- MD5
  
  8e23de9de0ebc74378d1f976e486708f
- SHA1
  
  2bc874633aecb03136820e5bb910d2696d21ddd6
- SHA256
  
  ab7e2f0a6ac459ecfc447f9f0233d464b3d6ab304b1b2502a8cd8571a4597df0
- SHA512
  
  680a1897fd7153511257bb54cc62145a0b3f408b745cb506feb0ae7ea6dc6950a850aa3f3444cc49e6afe34c98a2a04bd5f69f4ab2c898a5d11ed137a3e36f5d
- SSDEEP
  
  96:rJwtLFdy/Vlely6zfWaHX0xl7jEoSBDhXKl8Xh8tY/Fg:6Mle5Caw2Bp6ch6Y6
Score

1^/10
behavioral10 behavioral9
- Target
  
  Nueva carpeta/System.Data.SQLite.dll
- Size
  
  296KB
- MD5
  
  9de0359c4dbaa172816f92edbcd2e520
- SHA1
  
  7304c6fb494eded08362145f900fba862a0910c9
- SHA256
  
  2b96825e4d15c133f3ae2cd5b1b5b0d55d3ad555fafa7084c1bebae498e4a7a4
- SHA512
  
  69208f0e2b95b3ad8e7a7dce627923ac8b7da4baef676042dbca201f8ed59672a010e5010ea331acb01102680e2c59052b0ae970107d7957e8f0545997d1ee12
- SSDEEP
  
  6144:gUXNHkK0GFNFaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFFc5cbc1czB:zuWFNFaFeFOFwcGF6cmFWc0FWc8cIcKI
Score

1^/10
behavioral11 behavioral12
- Target
  
  Nueva carpeta/x64/SQLite.Interop.dll
- Size
  
  1.3MB
- MD5
  
  9f3a8f20b2dc75d6929fb5b8fff2482d
- SHA1
  
  3ad465f0f88c62cabafb4391b42c7574f1c3713b
- SHA256
  
  96808011497199bcc8ab349c95576b4ad1dd7e14b659297bdad37656fb299e17
- SHA512
  
  0f4b9cc24f600de788c0051425e881069bc9d92997667f8816823fc9cf3291b864a6816daa7bde061364c707847251e0fa24eb0cb6cfa66dacca7dce9314c9b0
- SSDEEP
  
  24576:1pNPzsYJhtFWlX0yDFiw5LkwxgC9ft+7VL6tQCD1YKH0Mco:NPoutErfkwxg2+g6CW
Score

1^/10
behavioral13 behavioral14
- Target
  
  Nueva carpeta/x86/SQLite.Interop.dll
- Size
  
  965KB
- MD5
  
  c4e06a424d1e30f8dcb6c5dbf3f0362e
- SHA1
  
  8d710450083603379464e9f27383e0faa6af9ed8
- SHA256
  
  fbca96fc7b4428b49672f1f3a99d94ae9e4a796f47a661a5a9b50b6d1eec688a
- SHA512
  
  a4db4427b1da72461e4f433998a3ace56ce8c2770d57f232dca7c536c31cdd2d970a00293b200996cd3713231551e0a729f36052d04ddd76ba51af4af6f07858
- SSDEEP
  
  24576:mSBGWo6cHCZsTd2k4bhaA/kpzxOowz5QrQE+:aWl8CXP8y0x0E+
Score

3^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Imminent RAT

Imminent family

Checks computer location settings

Deletes itself

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16