438d963d6e0f216004c1e38de11bc49a21b53d02a77afcf09b494b3671808e9e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-04-28...xz.exe

windows7-x64

7

2024-04-28...xz.exe

windows10-2004-x64

1

Sharing

General

Target

2024-04-28_aced6ce2e806b1fc34265de4d1def5d0_magniber_revil_zxxz
Size

24.3MB
Sample

240428-l46fcsdd8z
MD5

aced6ce2e806b1fc34265de4d1def5d0
SHA1

343f3b7a4f8ee377567c62f4d74cd686de559ab5
SHA256

438d963d6e0f216004c1e38de11bc49a21b53d02a77afcf09b494b3671808e9e
SHA512

b585723bba1857b26e8e760e4c47041cc5269297fb2c44a5b7704f8bcfe92ead28861f84d2901ce6e9b4281ed37975e7d68c52b3632f07a1f7941b8cc0988b89
SSDEEP

196608:yP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv0188IoQ:yPboGX8a/jWWu3cq2D/cWcls1j/

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-28_aced6ce2e806b1fc34265de4d1def5d0_magniber_revil_zxxz.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-28_aced6ce2e806b1fc34265de4d1def5d0_magniber_revil_zxxz.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-28_aced6ce2e806b1fc34265de4d1def5d0_magniber_revil_zxxz
- Size
  
  24.3MB
- MD5
  
  aced6ce2e806b1fc34265de4d1def5d0
- SHA1
  
  343f3b7a4f8ee377567c62f4d74cd686de559ab5
- SHA256
  
  438d963d6e0f216004c1e38de11bc49a21b53d02a77afcf09b494b3671808e9e
- SHA512
  
  b585723bba1857b26e8e760e4c47041cc5269297fb2c44a5b7704f8bcfe92ead28861f84d2901ce6e9b4281ed37975e7d68c52b3632f07a1f7941b8cc0988b89
- SSDEEP
  
  196608:yP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv0188IoQ:yPboGX8a/jWWu3cq2D/cWcls1j/
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy