a8fe36dc25d3fd63e776810ceac866ab63121050b72f8b5aabfdfc1e6f5e675d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-06-27...xz.exe

windows7-x64

7

2024-06-27...xz.exe

windows10-2004-x64

1

Sharing

General

Target

2024-06-27_39e27086f2631f2c54cf75a3572e9ac7_magniber_revil_zxxz
Size

24.3MB
Sample

240627-msmpjszcnl
MD5

39e27086f2631f2c54cf75a3572e9ac7
SHA1

5643b341f4489bac9b8e5e3ac81bf918addcb04d
SHA256

a8fe36dc25d3fd63e776810ceac866ab63121050b72f8b5aabfdfc1e6f5e675d
SHA512

d8b9f94737f1a4490e6e6ef7b5b2952a86f86eb7649ae17dc8180a1f70bfc0c911b4d5570f6f6a42266b9b4169b109222e249f5a0c2a15bf2a663160c625a41c
SSDEEP

196608:fP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv018hQ/:fPboGX8a/jWWu3cq2D/cWcls1h

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-27_39e27086f2631f2c54cf75a3572e9ac7_magniber_revil_zxxz.exe

Resource

win7-20240611-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-27_39e27086f2631f2c54cf75a3572e9ac7_magniber_revil_zxxz.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-27_39e27086f2631f2c54cf75a3572e9ac7_magniber_revil_zxxz
- Size
  
  24.3MB
- MD5
  
  39e27086f2631f2c54cf75a3572e9ac7
- SHA1
  
  5643b341f4489bac9b8e5e3ac81bf918addcb04d
- SHA256
  
  a8fe36dc25d3fd63e776810ceac866ab63121050b72f8b5aabfdfc1e6f5e675d
- SHA512
  
  d8b9f94737f1a4490e6e6ef7b5b2952a86f86eb7649ae17dc8180a1f70bfc0c911b4d5570f6f6a42266b9b4169b109222e249f5a0c2a15bf2a663160c625a41c
- SSDEEP
  
  196608:fP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op1H2SAmGcWqnlv018hQ/:fPboGX8a/jWWu3cq2D/cWcls1h
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy