General
-
Target
2024-05-25_3b5cafeb5289a6bcec2c21c8dbe1aefe_avoslocker_revil
-
Size
6.5MB
-
Sample
240525-avn9yagc4v
-
MD5
3b5cafeb5289a6bcec2c21c8dbe1aefe
-
SHA1
c9b1cf3cbe0a340314c08c639bc12311db095a64
-
SHA256
cba060a813dbf3a9eeb988f79ab448ef320983d6270cc0ba1f792a5d858f3942
-
SHA512
ad5fc06ec6b4ceb7ea2a6596f3c76b959a8964744cd5474670282cca92915a428bd04decf630276229fd776880c91b96cf533387ff5d8385230b057c66d799e8
-
SSDEEP
98304:DI9tiSH6a6gfFCZ8th/yp3qvZ4ypOKRxoBBTxBQk6dtQS:DAH6aff4+4p84yjRyBNxqQS
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-25_3b5cafeb5289a6bcec2c21c8dbe1aefe_avoslocker_revil.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-25_3b5cafeb5289a6bcec2c21c8dbe1aefe_avoslocker_revil.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-25_3b5cafeb5289a6bcec2c21c8dbe1aefe_avoslocker_revil
Score
8/10
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-