General
-
Target
2024-05-28_71b85f8f9bdda0f45c9fd6b22f342142_avoslocker_revil
-
Size
6.5MB
-
Sample
240528-beldsahh62
-
MD5
71b85f8f9bdda0f45c9fd6b22f342142
-
SHA1
34bff3acc8f0ef41f586f57d54493a34293ed2b4
-
SHA256
3b13956e01f32ecaaefabaa2c17c4b3be4d47299f1f84fc1dd810eb52b3f60d2
-
SHA512
b6f7747fbc7fdb185780f7c4b44c148bce5dfc3d424b3cf1f540e2161f72a3df9a2288d81d8716f7a690b980297bc1ab89b497768436d15da21f65a18d03c5d2
-
SSDEEP
98304:nI9tiSH6a6gfFCZ8th/yp3qvZ4ypOKRxoBBTxBQk6dtQ:nAH6aff4+4p84yjRyBNxqQ
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-28_71b85f8f9bdda0f45c9fd6b22f342142_avoslocker_revil.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-28_71b85f8f9bdda0f45c9fd6b22f342142_avoslocker_revil.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-28_71b85f8f9bdda0f45c9fd6b22f342142_avoslocker_revil
-
Size
6.5MB
-
MD5
71b85f8f9bdda0f45c9fd6b22f342142
-
SHA1
34bff3acc8f0ef41f586f57d54493a34293ed2b4
-
SHA256
3b13956e01f32ecaaefabaa2c17c4b3be4d47299f1f84fc1dd810eb52b3f60d2
-
SHA512
b6f7747fbc7fdb185780f7c4b44c148bce5dfc3d424b3cf1f540e2161f72a3df9a2288d81d8716f7a690b980297bc1ab89b497768436d15da21f65a18d03c5d2
-
SSDEEP
98304:nI9tiSH6a6gfFCZ8th/yp3qvZ4ypOKRxoBBTxBQk6dtQ:nAH6aff4+4p84yjRyBNxqQ
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-