evilnum | e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237 | Triage

Submit
Reports

Overview

overview

Static

static

e7510a4f5a...37.lnk

windows7_x64

e7510a4f5a...37.lnk

windows10-2004_x64

Sharing

General

Target

e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237
Size

134KB
Sample

220204-j91e7afghr
MD5

25d6eeba718af78275f2c9a4a58cd8b2
SHA1

97820a79fd43f664f553c46dca682bce135b2cc3
SHA256

e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237
SHA512

6f213fb85e5f5f37e5f80e94625dfb04df2eb8682df9dffd2b045ac376a8fdd8a5d97f6f8eda8453fea2adbc1799ae0f9247ad09a2baac9d7c9654cdab4d770e

Score

10^/10

evilnum persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237.lnk

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237.lnk

Resource

win10v2004-en-20220112

evilnum persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237
- Size
  
  134KB
- MD5
  
  25d6eeba718af78275f2c9a4a58cd8b2
- SHA1
  
  97820a79fd43f664f553c46dca682bce135b2cc3
- SHA256
  
  e7510a4f5a90271f278970a8cb62d116b15ff08884c072ef44e419f896d65237
- SHA512
  
  6f213fb85e5f5f37e5f80e94625dfb04df2eb8682df9dffd2b045ac376a8fdd8a5d97f6f8eda8453fea2adbc1799ae0f9247ad09a2baac9d7c9654cdab4d770e
Score

10^/10

evilnum trojan persistence
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Sets service image path in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evilnumpersistencetrojan

© 2018-2024

Terms | Privacy