7135c985da8136c9a9d794b4d81a752e4e4e0c2495e1e372d664eb853b310a83 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

jellyfin_1...64.exe

windows7-x64

7

jellyfin_1...64.exe

windows10-2004-x64

7

Resubmissions

17-12-2023 17:39

231217-v8nksafbcj 7

Sharing

General

Target

jellyfin_10.8.13_windows-x64.exe
Size

122.8MB
Sample

231217-v8nksafbcj
MD5

83329554b6f0f7be7554f77c2c5768f3
SHA1

e537640eec9a430ec3cf07a5219e2f37c511a805
SHA256

7135c985da8136c9a9d794b4d81a752e4e4e0c2495e1e372d664eb853b310a83
SHA512

7945c7fe6c17482da4d82128cc27608651e330782e2dd57e9a71cf4106dd8e00b77d3b2c7dd1cc6f06bf9af77798dd46187b303fa79d62c5bed1071fa30a95d5
SSDEEP

3145728:Qzo95K/eptH53y3cFnFFHzvEGHfx0OxYZ7SZFKxZNJ/kwgXCYw9X:2o9Uef53qyFFTvz/x0O6swNJAXeX

Score

7^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

jellyfin_10.8.13_windows-x64.exe

Resource

win7-20231215-en

discovery persistence

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

jellyfin_10.8.13_windows-x64.exe

Resource

win10v2004-20231215-en

discovery persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  jellyfin_10.8.13_windows-x64.exe
- Size
  
  122.8MB
- MD5
  
  83329554b6f0f7be7554f77c2c5768f3
- SHA1
  
  e537640eec9a430ec3cf07a5219e2f37c511a805
- SHA256
  
  7135c985da8136c9a9d794b4d81a752e4e4e0c2495e1e372d664eb853b310a83
- SHA512
  
  7945c7fe6c17482da4d82128cc27608651e330782e2dd57e9a71cf4106dd8e00b77d3b2c7dd1cc6f06bf9af77798dd46187b303fa79d62c5bed1071fa30a95d5
- SSDEEP
  
  3145728:Qzo95K/eptH53y3cFnFFHzvEGHfx0OxYZ7SZFKxZNJ/kwgXCYw9X:2o9Uef53qyFFTvz/x0O6swNJAXeX
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy