Overview

overview

9

Static

static

3

2024-04-05...il.exe

windows7-x64

9

2024-04-05...il.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/04/2024, 12:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-05_5fe2f8ba1163f3bc2607c615c9e8965e_magniber_revil.exe

  • Size

    5.7MB

  • MD5

    5fe2f8ba1163f3bc2607c615c9e8965e

  • SHA1

    ed8edfa829727f720a80995bb99183a0ff08eb4b

  • SHA256

    0008dbbdd0df4b5fc85b262d88711a7df791c7db9d38c54a15dfa9c648ccf198

  • SHA512

    9280ca6cc3e2feaba52b866a1fe7c82c289dde8892e36e5faaf9204a4b3f12c6aa7cca89b1e4e1c0454ee0f6d1e5aa31e56f504c7ad347792481a3c681061174

  • SSDEEP

    98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7Nm9kVA:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-05_5fe2f8ba1163f3bc2607c615c9e8965e_magniber_revil.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-05_5fe2f8ba1163f3bc2607c615c9e8965e_magniber_revil.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4936

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
          Filesize

          652B

          MD5

          9da8b9fc64ef9606aa892d02ad9bcbd7

          SHA1

          fa20e50a2340e11bc389916d99b2b36a00306e66

          SHA256

          6b37e7721334856a7d12253d5f66d2f5293ceb5d1c1ddec1ed03498862e2de76

          SHA512

          57b24ae5f7ace27273f1e2d40bae0af03a15d83cca26bda051a14df85b7439800d7e784f2456963bdaf657e24512f31a28c7dfc37358344236f1f960ec365f56

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
          Filesize

          3KB

          MD5

          0dd7001bafac0fedcd65ab9641d7129c

          SHA1

          1b8e5b08e6460d3d127849e8bb295b944cef1f93

          SHA256

          b605491c8b37bc62d19869d936a435bf2c2987d60b2f7b9e6393db3055185bb1

          SHA512

          a74d72ce5f70b02ec7f3a8333f160b740bfb625e222fe998ae468d8b05775a15b426dc3361333730b45724ce03f49a44ab98020edec598f1ddb53464dbb647ab

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
          Filesize

          310B

          MD5

          2f916b928d5a1a71ed6720ad2fa37bba

          SHA1

          f81b9be3e3d21804efec959f1cd199f3f93ce185

          SHA256

          1b119be70eaae911990551b7db07a51313941aee6655ff30a6008f9cdf923fbc

          SHA512

          e30226e8c2f456c7e8c44a8acfd05815b2530eedb74a40c3a5f1e7dd37066da8035b5bbe4881ca80345b8f3b4e6480779196ebf5f196105feb2a830ef64c6ef1

          Download Submit