imminent | 1de273f488ea140a7c9d367ed5f8a9f6c4559cfbcce0883d747f691d0f0fb1f1 | Triage

Submit
Reports

Overview

overview

Static

static

3

Pictures.rar

windows11-21h2-x64

Sharing

General

Target

Pictures.rar
Size

6.3MB
Sample

241217-a2h2havncv
MD5

16bdb4b0cd8790ce01727ef45f83f3a4
SHA1

c16b199a2f82927861ea71b51c9cab8b69fe8e5f
SHA256

1de273f488ea140a7c9d367ed5f8a9f6c4559cfbcce0883d747f691d0f0fb1f1
SHA512

a3537225fd1812f0c233c076a3f0929d8f668eb397eb51f759752b40d4da3c199066ea02efec41ebccc822f67c9f017db5a68e928a2b2e64d86327ff65abfdf4
SSDEEP

196608:AqGOJw1NWZLnH/ztVfi5j2kwLJMplKYVGQ:DxyNsLH/zfi5jeMpUYVl

Score

10^/10

imminent defense_evasion discovery persistence spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Pictures.rar

Resource

win11-20241007-en

imminent defense_evasion discovery persistence spyware trojan

windows11-21h2-x64

25 signatures

150 seconds

Malware Config

Targets

- Target
  
  Pictures.rar
- Size
  
  6.3MB
- MD5
  
  16bdb4b0cd8790ce01727ef45f83f3a4
- SHA1
  
  c16b199a2f82927861ea71b51c9cab8b69fe8e5f
- SHA256
  
  1de273f488ea140a7c9d367ed5f8a9f6c4559cfbcce0883d747f691d0f0fb1f1
- SHA512
  
  a3537225fd1812f0c233c076a3f0929d8f668eb397eb51f759752b40d4da3c199066ea02efec41ebccc822f67c9f017db5a68e928a2b2e64d86327ff65abfdf4
- SSDEEP
  
  196608:AqGOJw1NWZLnH/ztVfi5j2kwLJMplKYVGQ:DxyNsLH/zfi5jeMpUYVl
Score

10^/10

imminent defense_evasion discovery persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Imminent family
  imminent
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentdefense_evasiondiscoverypersistencespywaretrojan

© 2018-2024

Terms | Privacy