Overview

overview

9

Static

static

jitsi-2.10...64.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    jitsi-2.10.5550-x64.exe

  • Size

    64.8MB

  • Sample

    221123-s3aevsch58

  • MD5

    546ef502e1e1584a610515c0ac9c9f3a

  • SHA1

    ba59d021517a7cde948510994fb3e9626c1b7376

  • SHA256

    4e5aa2e40cdf2dbba7a53b3aca2bfec7645a5ecef5e38cb6edcd27fb58539552

  • SHA512

    c754c45f7b3a545a65f1e98c3aa0bd1a94c9bc8770c189e3f4cde02d225064b217e569768f255bdcf1fb66d84d1814da6ec2ee9ace2c5b158f48087a98d86220

  • SSDEEP

    1572864:fhr4diBG/dW5zueUx12uFv6AW0RFKQM6MRoVZHWXDuIGHZSkVn:ZX4MueUH2mijIFSzGZuD0Sa

Score
9/10

Malware Config

Targets

    • Target

      jitsi-2.10.5550-x64.exe

    • Size

      64.8MB

    • MD5

      546ef502e1e1584a610515c0ac9c9f3a

    • SHA1

      ba59d021517a7cde948510994fb3e9626c1b7376

    • SHA256

      4e5aa2e40cdf2dbba7a53b3aca2bfec7645a5ecef5e38cb6edcd27fb58539552

    • SHA512

      c754c45f7b3a545a65f1e98c3aa0bd1a94c9bc8770c189e3f4cde02d225064b217e569768f255bdcf1fb66d84d1814da6ec2ee9ace2c5b158f48087a98d86220

    • SSDEEP

      1572864:fhr4diBG/dW5zueUx12uFv6AW0RFKQM6MRoVZHWXDuIGHZSkVn:ZX4MueUH2mijIFSzGZuD0Sa

    Score
    9/10

    • Detect jar appended to MSI

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

4
T1082

Peripheral Device Discovery

2
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks