5aa98d459d5cf1a14102e110edeeac849172bf7f0da7afc38e778201332db7a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Trojan.JLXB-0978.13139.31935.exe
Size

717KB
Sample

240220-kbzaxaed84
MD5

43b5145b5ddce4a256b91b68c0b2add1
SHA1

9727925e102221c103c00b7dae6f868e53e92aae
SHA256

5aa98d459d5cf1a14102e110edeeac849172bf7f0da7afc38e778201332db7a4
SHA512

75063589ab570b5d28014de9eb8c6b00e0101709ed5d53bbae5019afd0e73b1936f2baf3eda386df4769ee99a8f36189f9b5bad29daccca4771cea9b7e59dbb8
SSDEEP

12288:M1f8uiEWyovxISvjAAr9w1000100001ZqOV8Ww/uQRqekzTIHNafnAr9w100010L:Mx8uiEWdeSvBX8JqekzTUNa8/0

Score

6^/10

motw phishing

Malware Config

Targets

- Target
  
  SecuriteInfo.com.W32.Trojan.JLXB-0978.13139.31935.exe
- Size
  
  717KB
- MD5
  
  43b5145b5ddce4a256b91b68c0b2add1
- SHA1
  
  9727925e102221c103c00b7dae6f868e53e92aae
- SHA256
  
  5aa98d459d5cf1a14102e110edeeac849172bf7f0da7afc38e778201332db7a4
- SHA512
  
  75063589ab570b5d28014de9eb8c6b00e0101709ed5d53bbae5019afd0e73b1936f2baf3eda386df4769ee99a8f36189f9b5bad29daccca4771cea9b7e59dbb8
- SSDEEP
  
  12288:M1f8uiEWyovxISvjAAr9w1000100001ZqOV8Ww/uQRqekzTIHNafnAr9w100010L:Mx8uiEWdeSvBX8JqekzTUNa8/0
Score

6^/10

motw phishing
- Downloads MZ/PE file
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2