evilnum | 83c375dcdadb8467955f5e124cf4e8d6eac78c51c03fb7393dc810a243ba1a90 | Triage

Sharing

General

Target

fc00819c4cdc8609313041cf345a7dca_JaffaCakes118
Size

938KB
Sample

240928-lgen5aycnk
MD5

fc00819c4cdc8609313041cf345a7dca
SHA1

3cb2d94e7a3b6d6141106e3973189e06306ce2f0
SHA256

83c375dcdadb8467955f5e124cf4e8d6eac78c51c03fb7393dc810a243ba1a90
SHA512

53b2761be2a805aa6cdc7857b70da8b25ccf0990dc1f9a6501ed73af9909db6a58667b9bcd786c9acc19309b18bc228ac02d3ebe97063b1cf6bf2362c935131c
SSDEEP

12288:HZ3Si/5CQsdRgvhS+u1vBcxqDE/4QiqkgLGVRivcLwOtIO1nKnYn/oGug+:53D5C5LgvMr1mx8y4dqLGnZn12Yngfg+

Score

10^/10

evilnum execution trojan

Malware Config

Targets

- Target
  
  fc00819c4cdc8609313041cf345a7dca_JaffaCakes118
- Size
  
  938KB
- MD5
  
  fc00819c4cdc8609313041cf345a7dca
- SHA1
  
  3cb2d94e7a3b6d6141106e3973189e06306ce2f0
- SHA256
  
  83c375dcdadb8467955f5e124cf4e8d6eac78c51c03fb7393dc810a243ba1a90
- SHA512
  
  53b2761be2a805aa6cdc7857b70da8b25ccf0990dc1f9a6501ed73af9909db6a58667b9bcd786c9acc19309b18bc228ac02d3ebe97063b1cf6bf2362c935131c
- SSDEEP
  
  12288:HZ3Si/5CQsdRgvhS+u1vBcxqDE/4QiqkgLGVRivcLwOtIO1nKnYn/oGug+:53D5C5LgvMr1mx8y4dqLGnZn12Yngfg+
Score

10^/10

evilnum execution trojan
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilnumexecutiontrojan

behavioral2

evilnumexecutiontrojan