aa6e1360ba6d000e68dcaada61391751dac2260aefdf6f6a28702e40a2513013 | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-09...il.exe

windows7-x64

7

2024-03-09...il.exe

windows10-2004-x64

9

Sharing

General

Target

2024-03-09_814869a3013ca1761ec33f72ac785f77_magniber_revil
Size

16.1MB
Sample

240309-lh6h8sfe3x
MD5

814869a3013ca1761ec33f72ac785f77
SHA1

3d6b0c7d8d6148f37364d8a0d178c9c3325137a0
SHA256

aa6e1360ba6d000e68dcaada61391751dac2260aefdf6f6a28702e40a2513013
SHA512

43dbbf19b369e431d9bba15ae26778fdf322a28bc8094df7d3528c58a95839b9e6201f0dab8862cc57b2e508915a2b6150603dd4b3d33c75fb5e206d17052165
SSDEEP

393216:6RjlV3inuC5K1M5ut2nijFiyD7XMOx0JrqNbUG2zYY14dYCCt37p9O:ylV3dC5K1M5FijwyDrP0dG2E

Score

10^/10

spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-03-09_814869a3013ca1761ec33f72ac785f77_magniber_revil.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-09_814869a3013ca1761ec33f72ac785f77_magniber_revil.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-09_814869a3013ca1761ec33f72ac785f77_magniber_revil
- Size
  
  16.1MB
- MD5
  
  814869a3013ca1761ec33f72ac785f77
- SHA1
  
  3d6b0c7d8d6148f37364d8a0d178c9c3325137a0
- SHA256
  
  aa6e1360ba6d000e68dcaada61391751dac2260aefdf6f6a28702e40a2513013
- SHA512
  
  43dbbf19b369e431d9bba15ae26778fdf322a28bc8094df7d3528c58a95839b9e6201f0dab8862cc57b2e508915a2b6150603dd4b3d33c75fb5e206d17052165
- SSDEEP
  
  393216:6RjlV3inuC5K1M5ut2nijFiyD7XMOx0JrqNbUG2zYY14dYCCt37p9O:ylV3dC5K1M5FijwyDrP0dG2E
Score

9^/10

spyware stealer
- Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers.
- Detects executables containing SQL queries to confidential data stores. Observed in infostealers
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy