Analysis Overview
SHA256
c62241911d2a9500eb1c4fff6b76e781e83f844c74fd22ac305ba8b1ffcc0ecf
Threat Level: Likely benign
The file 2024-06-03_06db3580d9182b9c1564b64c3bf17b4f_avoslocker was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:43
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:43
Reported
2024-06-03 12:45
Platform
win7-20240508-en
Max time kernel
118s
Max time network
118s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\2024-06-03_06db3580d9182b9c1564b64c3bf17b4f_avoslocker.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-03_06db3580d9182b9c1564b64c3bf17b4f_avoslocker.exe"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:43
Reported
2024-06-03 12:45
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\2024-06-03_06db3580d9182b9c1564b64c3bf17b4f_avoslocker.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-03_06db3580d9182b9c1564b64c3bf17b4f_avoslocker.exe"
Network
Files