c170ae81f3c9b26cd9fc7d88545afb8841388de9d0c0f00dabcf288b89a8da8e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-04-08...xz.exe

windows7-x64

7

2024-04-08...xz.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-08_1d30f1473c71a1676f55b57ba8a9047a_magniber_revil_zxxz
Size

24.3MB
Sample

240409-sz38rsah88
MD5

1d30f1473c71a1676f55b57ba8a9047a
SHA1

57c06e7c4871af9fdf3eb702c7ffdff3910aef4e
SHA256

c170ae81f3c9b26cd9fc7d88545afb8841388de9d0c0f00dabcf288b89a8da8e
SHA512

cbdf187f0a668b03b2e9de7b336c871cf831c8554f1b44952fcb7ca437b03bd745250da8cca4541ad96e4d9fe9d1c304a75463ed5b5ec0b3b88f4746cee7a01f
SSDEEP

196608:KP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op3H2SAmGcWqnlv018jTp3n:KPboGX8a/jWWu3cI2D/cWcls1Gh

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-08_1d30f1473c71a1676f55b57ba8a9047a_magniber_revil_zxxz.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-08_1d30f1473c71a1676f55b57ba8a9047a_magniber_revil_zxxz.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-08_1d30f1473c71a1676f55b57ba8a9047a_magniber_revil_zxxz
- Size
  
  24.3MB
- MD5
  
  1d30f1473c71a1676f55b57ba8a9047a
- SHA1
  
  57c06e7c4871af9fdf3eb702c7ffdff3910aef4e
- SHA256
  
  c170ae81f3c9b26cd9fc7d88545afb8841388de9d0c0f00dabcf288b89a8da8e
- SHA512
  
  cbdf187f0a668b03b2e9de7b336c871cf831c8554f1b44952fcb7ca437b03bd745250da8cca4541ad96e4d9fe9d1c304a75463ed5b5ec0b3b88f4746cee7a01f
- SSDEEP
  
  196608:KP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op3H2SAmGcWqnlv018jTp3n:KPboGX8a/jWWu3cI2D/cWcls1Gh
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy