Analysis
- max time kernel: 122s
- max time network: 127s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
- submitted: 25-05-2024 01:00
Behavioral task
behavioral1
Sample
2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
Resource
win10v2004-20240508-en
General
-
Target
2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
-
Size
6.3MB
-
MD5
6c7b1c7f2a466936f3c06f608358311a
-
SHA1
14723c060f07a69d9bb5a6d04debccd55b32781d
-
SHA256
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f
-
SHA512
6d31d272eed382edec75873f116d5e49ea02672affaa0bc7e8c8733e1244e245e66ee016eafb25d3c9322f153e02c3538c798c6e74d860464c68acab6d06937b
-
SSDEEP
98304:Wy2Ra3s45KZATR1DPBLPjmFk1wTdrobphQ7O9CKkq7xb4T0HmphWdo80jT:WM5igRjLik1OibpCyCZT0mpMeT
Malware Config
Signatures
-
Checks system information in the registry 2 TTPs 2 IoCs
System information is often read in order to detect sandboxing environments.
Processes:
2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
description | ioc | process
Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | 2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | 2024-05-25_6c7b1c7f2a466936f3c06f608358311a_avoslocker_revil.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\ProgramData\netskope\stagent\Logs\nsdebuglog.log
Filesize: 4KB
-
C:\ProgramData\netskope\stagent\Logs\nsdebuglog.log
Filesize: 1KB