imminent | ac85218079883ff68b6d74a779d9c997cf766d572545d8663d8adf0fd1de8ffe | Triage

Sharing

General

Target

f02f5716cfe88fc8d7d4c15f60a8a021_JaffaCakes118
Size

339KB
Sample

240921-tw6eds1gqh
MD5

f02f5716cfe88fc8d7d4c15f60a8a021
SHA1

1a46a0f597816da380891902f9f46c69c8f0e5a8
SHA256

ac85218079883ff68b6d74a779d9c997cf766d572545d8663d8adf0fd1de8ffe
SHA512

dcfdc94dcf7d365c5c9785abdc0f529a50f71a15a6f79a90f267c746eca9c8fb62778782f154bbc2d6c8965b48b42ae3e7256caeb3d5872f8814af1b3117b980
SSDEEP

6144:Yl0k35P1KamRQ+2kl3F+3ebiTGTUaHiIkpiOcA+EZr0dawtE6d:Yl0knWjVF+Ob+GTBZk8bE90da56

Score

10^/10

imminent discovery persistence spyware trojan

Malware Config

Targets

- Target
  
  f02f5716cfe88fc8d7d4c15f60a8a021_JaffaCakes118
- Size
  
  339KB
- MD5
  
  f02f5716cfe88fc8d7d4c15f60a8a021
- SHA1
  
  1a46a0f597816da380891902f9f46c69c8f0e5a8
- SHA256
  
  ac85218079883ff68b6d74a779d9c997cf766d572545d8663d8adf0fd1de8ffe
- SHA512
  
  dcfdc94dcf7d365c5c9785abdc0f529a50f71a15a6f79a90f267c746eca9c8fb62778782f154bbc2d6c8965b48b42ae3e7256caeb3d5872f8814af1b3117b980
- SSDEEP
  
  6144:Yl0k35P1KamRQ+2kl3F+3ebiTGTUaHiIkpiOcA+EZr0dawtE6d:Yl0knWjVF+Ob+GTBZk8bE90da56
Score

10^/10

discovery imminent persistence spyware trojan
- Imminent RAT
  Remote-access trojan based on Imminent Monitor remote admin software.
  trojan spyware imminent
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

imminentdiscoverypersistencespywaretrojan