General
-
Target
jitsi-2.10.5550-x64.exe
-
Size
64.8MB
-
Sample
221123-s3aevsch58
-
MD5
546ef502e1e1584a610515c0ac9c9f3a
-
SHA1
ba59d021517a7cde948510994fb3e9626c1b7376
-
SHA256
4e5aa2e40cdf2dbba7a53b3aca2bfec7645a5ecef5e38cb6edcd27fb58539552
-
SHA512
c754c45f7b3a545a65f1e98c3aa0bd1a94c9bc8770c189e3f4cde02d225064b217e569768f255bdcf1fb66d84d1814da6ec2ee9ace2c5b158f48087a98d86220
-
SSDEEP
1572864:fhr4diBG/dW5zueUx12uFv6AW0RFKQM6MRoVZHWXDuIGHZSkVn:ZX4MueUH2mijIFSzGZuD0Sa
Static task
static1
Behavioral task
behavioral1
Sample
jitsi-2.10.5550-x64.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
jitsi-2.10.5550-x64.exe
Score
9/10
-
Detect jar appended to MSI
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-