General

  • Target

    2024-06-03_ffec7970cc2b4bc85e434f7d343887f3_avoslocker_magniber_revil

  • Size

    20.0MB

  • Sample

    240603-kkanxahc6w

  • MD5

    ffec7970cc2b4bc85e434f7d343887f3

  • SHA1

    259b8efabff6252780f92c7ac6ff8f07f3a4057c

  • SHA256

    c3cb8369cf13f5233afb5a8cceb557f7bfcfc9f9098e03bfa0550604cc257a3e

  • SHA512

    06d90f4c794cf2605d86d553252ee5241171c365a6caef328c6585f4874a7f8dcfaf76fd1afc00b6e558fbdeef06074aa03c81cc3ed260153cd6a30c085686b3

  • SSDEEP

    393216:8K/kMxJ22lYzkmyL1prctsRMFgXnU7sElpy/:g2WwdL75RtXnas

Score
10/10

Targets

    Score
    9/10
    • Detects executables packed with VMProtect.

    • Looks for VirtualBox Guest Additions in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
