imminent | e5159cb4a98200dafc755fcbd318752f07c0a52484a9476e03e29634af719791 | Triage

Submit
Reports

Overview

overview

Static

static

3

0fa1641d0f...18.exe

windows7-x64

0fa1641d0f...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0fa1641d0f7a38d91f9c0f5ccba97bef_JaffaCakes118
Size

5.6MB
Sample

240503-en13daef5z
MD5

0fa1641d0f7a38d91f9c0f5ccba97bef
SHA1

641843d10e4bc552571e8d6a6b268113e6f35cd3
SHA256

e5159cb4a98200dafc755fcbd318752f07c0a52484a9476e03e29634af719791
SHA512

f31aec3faa7d1df0038618494b01d7e45a24c3e655636278a23ec7c42b66b3b2eee7e22ab9f946e5b58d3d1d2db317294283eb1b740501c4cc52782a21ce6c24
SSDEEP

12288:kPgLGxLltS85jhGlgkV/koBEGOs+cHr7O8tnvydi:9LWTby/kHrvKDn

Score

10^/10

imminent spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0fa1641d0f7a38d91f9c0f5ccba97bef_JaffaCakes118.exe

Resource

win7-20240221-en

imminent spyware trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

0fa1641d0f7a38d91f9c0f5ccba97bef_JaffaCakes118.exe

Resource

win10v2004-20240419-en

imminent spyware trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  0fa1641d0f7a38d91f9c0f5ccba97bef_JaffaCakes118
- Size
  
  5.6MB
- MD5
  
  0fa1641d0f7a38d91f9c0f5ccba97bef
- SHA1
  
  641843d10e4bc552571e8d6a6b268113e6f35cd3
- SHA256
  
  e5159cb4a98200dafc755fcbd318752f07c0a52484a9476e03e29634af719791
- SHA512
  
  f31aec3faa7d1df0038618494b01d7e45a24c3e655636278a23ec7c42b66b3b2eee7e22ab9f946e5b58d3d1d2db317294283eb1b740501c4cc52782a21ce6c24
- SSDEEP
  
  12288:kPgLGxLltS85jhGlgkV/koBEGOs+cHr7O8tnvydi:9LWTby/kHrvKDn
Score

10^/10

imminent spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentspywaretrojan

behavioral2

imminentspywaretrojan

© 2018-2025

Terms | Privacy