imminent | df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

df97d1d585...25.exe

windows10-2004-x64

Sharing

General

Target

df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925.exe
Size

1.3MB
Sample

250323-g14eda1ygw
MD5

9981c0c91c4cf32e5160325284e9fc6c
SHA1

aeb6b8ef996542c5831e67ef89387d6c4a026bab
SHA256

df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925
SHA512

8b1d0f85e5728ee48cb6417cd974147aa64ab84f59d3c665d5de06864753b47ebf173776826da03f50f582355ed824987c91a1ba90d88a4d7f4b1debf11650ad
SSDEEP

24576:nFFWO5WqPbFPhGSSc5sus9Ux0HalJ2a9jRlbRgAeO7AT:nvZMqPJhGSSc5q9USCZRUF

Score

10^/10

imminent discovery persistence spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925.exe

Resource

win10v2004-20250314-en

imminent discovery persistence spyware trojan

windows10-2004-x64

14 signatures

120 seconds

Malware Config

Targets

- Target
  
  df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925.exe
- Size
  
  1.3MB
- MD5
  
  9981c0c91c4cf32e5160325284e9fc6c
- SHA1
  
  aeb6b8ef996542c5831e67ef89387d6c4a026bab
- SHA256
  
  df97d1d585683a303400b1fc3f6c6efcc26d3dca58a953e64ba8e1c50c70f925
- SHA512
  
  8b1d0f85e5728ee48cb6417cd974147aa64ab84f59d3c665d5de06864753b47ebf173776826da03f50f582355ed824987c91a1ba90d88a4d7f4b1debf11650ad
- SSDEEP
  
  24576:nFFWO5WqPbFPhGSSc5sus9Ux0HalJ2a9jRlbRgAeO7AT:nvZMqPJhGSSc5q9USCZRUF
Score

10^/10

imminent discovery persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Imminent family
  imminent
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentdiscoverypersistencespywaretrojan

© 2018-2025

Terms | Privacy