Tool: Imminent Monitor

Description

[Imminent Monitor](https://attack.mitre.org/software/S0434) was a commodity remote access tool (RAT) offered for sale from 2012 until 2019, when an operation was conducted to take down the Imminent Monitor infrastructure. Various cracked versions and variations of this RAT are still in circulation.(Citation: Imminent Unit42 Dec2019)

External References

• mitre-attack
• Imminent Unit42 Dec2019

Techniques Used by This Tool

• T1021.001 — Remote Desktop Protocol
• T1027 — Obfuscated Files or Information
• T1041 — Exfiltration Over C2 Channel
• T1056.001 — Keylogging
• T1057 — Process Discovery
• T1059 — Command and Scripting Interpreter
• T1070.004 — File Deletion
• T1083 — File and Directory Discovery
• T1106 — Native API
• T1123 — Audio Capture
• T1125 — Video Capture
• T1140 — Deobfuscate/Decode Files or Information
• T1496.001 — Compute Hijacking
• T1555.003 — Credentials from Web Browsers
• T1562.001 — Disable or Modify Tools
• T1564.001 — Hidden Files and Directories

APT Groups Using This Tool

• TA2541
• APT-C-36