General
-
Target
2024-06-03_ffec7970cc2b4bc85e434f7d343887f3_avoslocker_magniber_revil
-
Size
20.0MB
-
Sample
240603-kkanxahc6w
-
MD5
ffec7970cc2b4bc85e434f7d343887f3
-
SHA1
259b8efabff6252780f92c7ac6ff8f07f3a4057c
-
SHA256
c3cb8369cf13f5233afb5a8cceb557f7bfcfc9f9098e03bfa0550604cc257a3e
-
SHA512
06d90f4c794cf2605d86d553252ee5241171c365a6caef328c6585f4874a7f8dcfaf76fd1afc00b6e558fbdeef06074aa03c81cc3ed260153cd6a30c085686b3
-
SSDEEP
393216:8K/kMxJ22lYzkmyL1prctsRMFgXnU7sElpy/:g2WwdL75RtXnas
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-03_ffec7970cc2b4bc85e434f7d343887f3_avoslocker_magniber_revil.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-03_ffec7970cc2b4bc85e434f7d343887f3_avoslocker_magniber_revil.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-06-03_ffec7970cc2b4bc85e434f7d343887f3_avoslocker_magniber_revil
Score
9/10
-
Detects executables packed with VMProtect.
-
Looks for VirtualBox Guest Additions in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-