General
Target: 2024-05-22_6a26e4f098ad94bcb3668d653651d504_avoslocker_revil
Size: 6.5MB
Sample: 240522-b7glasgd85
MD5: 6a26e4f098ad94bcb3668d653651d504
SHA1: c9325f118c00695082975444a46e3569cb2511a0
SHA256: ed7ea89db04f6f264ef912d7f3c5934bde8521dd1898a0e179903698115d4c1e
SHA512: c2c0daeea1583ab2d7c029b4ea47567a4e45345eaa5bd9cb85a320fd068344c2516cf98923f9fda19e0775b80dfcf1a76bd56e175290e01a253adbb8e59f4814
SSDEEP: 98304:eI9tiSH6a6gfFCZ8th/yp3qvZ4ypOKRxoBBTxBQk6dtQF:eAH6aff4+4p84yjRyBNxqQF
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-22_6a26e4f098ad94bcb3668d653651d504_avoslocker_revil.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-22_6a26e4f098ad94bcb3668d653651d504_avoslocker_revil.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 8/10
Drops file in Drivers directory
Executes dropped EXE
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops desktop.ini file(s)