imminent | c809e2e044199a760b4b82f46e0b91eccd1868a8ecdfd4b46d0aab13e97dd5c1 | Triage

Sharing

General

Target

bad10e7a73dc3f07ccfc1031b4be97dc_JaffaCakes118
Size

206KB
Sample

240618-kmgj8szdlp
MD5

bad10e7a73dc3f07ccfc1031b4be97dc
SHA1

200edd71a5ab8c08fc0542b61bd18943eefc59bb
SHA256

c809e2e044199a760b4b82f46e0b91eccd1868a8ecdfd4b46d0aab13e97dd5c1
SHA512

ab1a1274b0a98b6029369fcd49ece52d8f5ad049e15e4c06fca6ab91cf8447fd5f692412b71819e29b08494c0236b925e3dfea2de33259a211a70f9ccceecff5
SSDEEP

3072:imLGeqioyN51MpjgPsoAbh2WtwAeyK4QupNwyb5O0koHy930n1Fb/nbgoA:qeTV4pjgk3F1iAy4fo61q9I/

Score

10^/10

imminent persistence spyware trojan

Malware Config

Targets

- Target
  
  bad10e7a73dc3f07ccfc1031b4be97dc_JaffaCakes118
- Size
  
  206KB
- MD5
  
  bad10e7a73dc3f07ccfc1031b4be97dc
- SHA1
  
  200edd71a5ab8c08fc0542b61bd18943eefc59bb
- SHA256
  
  c809e2e044199a760b4b82f46e0b91eccd1868a8ecdfd4b46d0aab13e97dd5c1
- SHA512
  
  ab1a1274b0a98b6029369fcd49ece52d8f5ad049e15e4c06fca6ab91cf8447fd5f692412b71819e29b08494c0236b925e3dfea2de33259a211a70f9ccceecff5
- SSDEEP
  
  3072:imLGeqioyN51MpjgPsoAbh2WtwAeyK4QupNwyb5O0koHy930n1Fb/nbgoA:qeTV4pjgk3F1iAy4fo61q9I/
Score

10^/10

imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

imminentpersistencespywaretrojan

behavioral2

imminentpersistencespywaretrojan