General
-
Target
2024-11-29_b85381818c9a8643c875edb69896c7d8_avoslocker_hijackloader_luca-stealer_magniber_revil
-
Size
5.6MB
-
Sample
241129-p6yp3swpcs
-
MD5
b85381818c9a8643c875edb69896c7d8
-
SHA1
b36ad47a4b2f5a2e500681e757180a178946361a
-
SHA256
2edb33aae6ab40e40a2d78b900173bff8f71fff18d1588e5a7ff9486d080e96b
-
SHA512
060f0031e0641602d1452e28dad0cf6f5fc5d1df1b00130f5b5d906477f6f0785730ebb931966297bc9352d746800f4465a5afebcc4ceb98da883a8b515c50e8
-
SSDEEP
98304:p6pg+4qaSDRumxkEpMH1FkQmOnhTjqsaUODS4IeOsyrwuv/guB/r:q5IS1FnpAvHZwiO2AOsezgyr
Malware Config
Targets
-
-
Target
2024-11-29_b85381818c9a8643c875edb69896c7d8_avoslocker_hijackloader_luca-stealer_magniber_revil
-
Size
5.6MB
-
MD5
b85381818c9a8643c875edb69896c7d8
-
SHA1
b36ad47a4b2f5a2e500681e757180a178946361a
-
SHA256
2edb33aae6ab40e40a2d78b900173bff8f71fff18d1588e5a7ff9486d080e96b
-
SHA512
060f0031e0641602d1452e28dad0cf6f5fc5d1df1b00130f5b5d906477f6f0785730ebb931966297bc9352d746800f4465a5afebcc4ceb98da883a8b515c50e8
-
SSDEEP
98304:p6pg+4qaSDRumxkEpMH1FkQmOnhTjqsaUODS4IeOsyrwuv/guB/r:q5IS1FnpAvHZwiO2AOsezgyr
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-