evilnum | c7cf5c62ecfade27338acb2cc91a06c2615dbb97711f2558a9379ee8a5306720 | Triage

Sharing

General

Target

ffee111b993de52e2034e31953dee86b_JaffaCakes118
Size

1.5MB
Sample

240930-ep6z1sxcqr
MD5

ffee111b993de52e2034e31953dee86b
SHA1

e88f7946cc7b987b0c49b28d770e722bd0fa3a04
SHA256

c7cf5c62ecfade27338acb2cc91a06c2615dbb97711f2558a9379ee8a5306720
SHA512

390d7a6d438ef634c7456a9f51948b22e250c61f2fac69493bb0cf1a06dfb189da191aca4e8ff4078b53f7092a1595309fb2b3eaa300e8989a2484b914151c47
SSDEEP

24576:7EyQe3EmVBbtCv51m8Pj7wLSDCFRKShXUYg5qsr3nD6908MzCHsAz08UKh0ua4nc:7Esrt21h7wSDCFZg5zmazCMAIChNaYjw

Score

10^/10

evilnum execution trojan

Malware Config

Targets

- Target
  
  ffee111b993de52e2034e31953dee86b_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  ffee111b993de52e2034e31953dee86b
- SHA1
  
  e88f7946cc7b987b0c49b28d770e722bd0fa3a04
- SHA256
  
  c7cf5c62ecfade27338acb2cc91a06c2615dbb97711f2558a9379ee8a5306720
- SHA512
  
  390d7a6d438ef634c7456a9f51948b22e250c61f2fac69493bb0cf1a06dfb189da191aca4e8ff4078b53f7092a1595309fb2b3eaa300e8989a2484b914151c47
- SSDEEP
  
  24576:7EyQe3EmVBbtCv51m8Pj7wLSDCFRKShXUYg5qsr3nD6908MzCHsAz08UKh0ua4nc:7Esrt21h7wSDCFZg5zmazCMAIChNaYjw
Score

10^/10

evilnum execution trojan
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilnumexecutiontrojan

behavioral2

evilnumexecutiontrojan