General

  • Target

    2024-11-01_ecffc12790375a24fa4cb0e7b3799d7f_avoslocker_hijackloader_magniber_revil

  • Size

    5.4MB

  • Sample

    241101-vzdn8a1qaz

  • MD5

    ecffc12790375a24fa4cb0e7b3799d7f

  • SHA1

    5f78b672871793ca05bf61ff6ba50f99d733b0c5

  • SHA256

    19cf1e8de87f268fc64e89fd04474997b7a24ac47d9c990fbb1249643bde4c65

  • SHA512

    7216d8b44efca1a3af192c24e4cfa5daa6df33c902656e1c303bb83e9b522f9c720d87a819ee6eb12762a17adcda76970a004139a3b1121323eb060907892d5d

  • SSDEEP

    98304:2rI1lEAOYB6RJ2dqW8LZJc+ZQSAA4zJOi6f4s/w0dGw/qn:9XGULEFrcPJzAxf4MFGkS

Targets

    • Target

      2024-11-01_ecffc12790375a24fa4cb0e7b3799d7f_avoslocker_hijackloader_magniber_revil

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
