2024-05-08_120967cd36b34fc16dc39e8873a12175_avoslocker_revil | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-08_120967cd36b34fc16dc39e8873a12175_avoslocker_revil
Size

2.3MB
MD5

120967cd36b34fc16dc39e8873a12175
SHA1

ab60b900dc8da5a5a351556e51d6a11ae04357ca
SHA256

d382753f11325ae8fb355b93ea6e40934614264831aef8e96f8debd69b4244a2
SHA512

4c508fd36fb42f8a99500266ee84303ab2cb485553e3e39748fb949eb03721cc24f7da89c30c6092ba10a821c2b8a7a8f27e36f7e4d3101911cfb3dc3195eac8
SSDEEP

49152:T6vjMzX8grzqAG1zZ4rP+v3FypefmG9jDitP9+/EN:T6vYzj/GxZcA3gpAmVT+/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-08_120967cd36b34fc16dc39e8873a12175_avoslocker_revil

Files

2024-05-08_120967cd36b34fc16dc39e8873a12175_avoslocker_revil
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 534KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ