cefb4df6a08706a0745453f7b74c7e5673dbb96d5bdd780b4e51a091f154812e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-06-01...xz.exe

windows7-x64

7

2024-06-01...xz.exe

windows10-2004-x64

1

Sharing

General

Target

2024-06-01_e2f3f15d31e6d40c3394ded542433432_magniber_revil_zxxz
Size

24.3MB
Sample

240601-bybzfsdg47
MD5

e2f3f15d31e6d40c3394ded542433432
SHA1

c26f5b8d122481f2d6bc54cbeee1cc8aa5f38bed
SHA256

cefb4df6a08706a0745453f7b74c7e5673dbb96d5bdd780b4e51a091f154812e
SHA512

34c5ec2fc2d1e557af7f62c136afd77b8994ed3fdbbcb372ac58596aaf43d8d990f07ac5469a6ae0da3c64948c2c8df911fc9a04173049e7dc35c03ea5169ebb
SSDEEP

196608:0P0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv018R:0PboGX8a/jWWu3cq2D/cWcls1

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-01_e2f3f15d31e6d40c3394ded542433432_magniber_revil_zxxz.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-01_e2f3f15d31e6d40c3394ded542433432_magniber_revil_zxxz.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-01_e2f3f15d31e6d40c3394ded542433432_magniber_revil_zxxz
- Size
  
  24.3MB
- MD5
  
  e2f3f15d31e6d40c3394ded542433432
- SHA1
  
  c26f5b8d122481f2d6bc54cbeee1cc8aa5f38bed
- SHA256
  
  cefb4df6a08706a0745453f7b74c7e5673dbb96d5bdd780b4e51a091f154812e
- SHA512
  
  34c5ec2fc2d1e557af7f62c136afd77b8994ed3fdbbcb372ac58596aaf43d8d990f07ac5469a6ae0da3c64948c2c8df911fc9a04173049e7dc35c03ea5169ebb
- SSDEEP
  
  196608:0P0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv018R:0PboGX8a/jWWu3cq2D/cWcls1
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy