Overview

overview

9

Static

static

3

2024-05-23...il.exe

windows7-x64

9

2024-05-23...il.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/05/2024, 08:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-05-23_f0daf87a7d68cd0236c5cffad9362e8a_magniber_revil.exe

  • Size

    5.7MB

  • MD5

    f0daf87a7d68cd0236c5cffad9362e8a

  • SHA1

    0a4b133c635eea9f225b218105ebede4e7498ff8

  • SHA256

    381cff0b59478002a14faa9086becb2aadcaf24f3c8f8328eaa626a9842897e6

  • SHA512

    cd40da02ce968f99210b225b3513a379591b13032293bbd20f7e97ba949bbab283f826bcf831e5769ba81db030c4a5eb6e02ebb9a5a210cae852aeffd4fae439

  • SSDEEP

    98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7Nm1kVF:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85E

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-05-23_f0daf87a7d68cd0236c5cffad9362e8a_magniber_revil.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-05-23_f0daf87a7d68cd0236c5cffad9362e8a_magniber_revil.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:5108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    650B

    MD5

    37e7084c91b58c9997c429ec1acd3b21

    SHA1

    8d0a1ee5b733b6feb52a5b37673573b6c9ff2971

    SHA256

    7c10c618ff41bc799831f5ec4e240d87be457d0954a391b277d88c8a3676bac7

    SHA512

    1ca8636eccd0f1525f773ab5758c12e1bdb6dc0c3cdc1da912ea9dfb9e015e484dbcd76dae7db2c96a409ee6b3a76e8bbcc92207f53f2cc578d7b64dcfed0401

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    4KB

    MD5

    cdd306ee16d1455bbf46d25aa62241fa

    SHA1

    6df5b4802ed5a0f00cb5208f80aeb45bbbfd96fc

    SHA256

    3274c2e9c6921dfe12589018e9ce874e44cac542ff6ba1a2e556247a3b39b5a8

    SHA512

    af79e5e510f29f87f639638d7da1c50420424affb2da1375ef669d9150f129f220563d474d7926e6dc1df47b2d9cad04bfbcb57a0585448cca48e815670cf9b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    308B

    MD5

    1f562be177b6bba4de5bfd62395734b0

    SHA1

    1e319ea62d389d0aff6c52a47d5a2a456a13769f

    SHA256

    3c92e06e08021d41e4faedc13402692fa497d49c036951d483d6d660c22e13d3

    SHA512

    9a6ff171f38a1ed55a0ed94988422f21d6151988c0cd7e1614b2878ca9cdfc72968982207136d82a20e8ff8aa8b27364498b83604441b8ed5ca35dbeaa8dbe73

    Download Submit