General

  • Target

    851af0ea271ed08238192fcec45eac43

  • Size

    2.1MB

  • Sample

    201214-hqnm5hre7j

  • MD5

    851af0ea271ed08238192fcec45eac43

  • SHA1

    f7ece0df68ba042243ffbb90f560e98723981bab

  • SHA256

    274568079e26e0082ce8d546e666a9d6f2f704890d595e5a93af662ea35d16be

  • SHA512

    67160380064a4ffbb29f5692b3edbf71f151b8a9f7317d28df98a351792bc72b0d0041b16ca5646f11cbd005d79ef94a4468949d1a94ff02a01e179aed983c90

Targets

    • Target

      851af0ea271ed08238192fcec45eac43

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that poses as a security product and displays fabricated infection alerts to pressure the victim into paying for a bogus "full version" or licence.

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner for Monero and other RandomX-family coins. It is legitimate software, but a copy embedded in or dropped by an unrelated sample indicates the operator is mining on the victim's hardware.

    • FakeAV payload

    • Executes dropped EXE

    • Sets file execution options in registry

      Writes under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options. A Debugger value under a program's subkey silently redirects every launch of that program to another executable; rogue-AV families commonly use this to stop security tools and Task Manager from running.

    • Loads dropped DLL

    • Adds Run key to start application

      Logon persistence via an HKCU or HKLM ...\Software\Microsoft\Windows\CurrentVersion\Run value, so the dropped program is relaunched each time the user signs in.

    • Drops file in System32 directory

      Writing into %SystemRoot%\System32 requires administrative rights; a payload placed there blends in with OS binaries and sits on the default DLL search path.
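The three registry and file-system behaviours flagged above are what a responder would check for on a suspect host. The following PowerShell triage script is an added example and is not part of the sandbox report. It assumes a Windows host with PowerShell 5.1 or later; the seven-day window and the .exe/.dll filter are assumptions chosen for illustration, and the SHA256 is the report's own value.

```powershell
# Added triage script (not part of the sandbox report). Assumes a Windows host
# with PowerShell 5.1+; run from an elevated prompt so HKLM and System32 are readable.
# The 7-day window and the .exe/.dll filter below are assumptions for illustration.
$ReportSha256 = '274568079e26e0082ce8d546e666a9d6f2f704890d595e5a93af662ea35d16be'

# 1. Image File Execution Options: any subkey carrying a 'Debugger' value
#    redirects launches of that program. Legitimate entries are rare; review each hit.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
Get-ChildItem $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
    $dbg = (Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue).Debugger
    if ($dbg) {
        [pscustomobject]@{ Check = 'IFEO Debugger'; Key = $_.PSChildName; Value = $dbg }
    }
}

# 2. Run keys for the current user and the machine (including the WOW6432Node view).
#    Every value here is an autostart entry; unfamiliar paths (temp, AppData, System32
#    names that are not OS binaries) are the ones to pull for hashing.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($k in $runKeys) {
    $props = Get-ItemProperty $k -ErrorAction SilentlyContinue
    if (-not $props) { continue }
    $props.PSObject.Properties |
        Where-Object { $_.Name -notmatch '^PS' } |   # drop the provider's PSPath/PSDrive/... metadata
        ForEach-Object {
            [pscustomobject]@{ Check = 'Run key'; Key = $k; Name = $_.Name; Value = $_.Value }
        }
}

# 3. Executables written to System32 recently, hashed and compared with the report.
#    A hash match confirms the sample; a non-matching recent write still merits review
#    because dropped-file signatures cover repacked variants with different hashes.
$since = (Get-Date).AddDays(-7)
Get-ChildItem "$env:SystemRoot\System32" -File -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt $since -and $_.Extension -in '.exe', '.dll' } |
    ForEach-Object {
        $h = (Get-FileHash $_.FullName -Algorithm SHA256).Hash
        [pscustomobject]@{
            Check         = 'System32 write'
            Path          = $_.FullName
            SHA256        = $h
            MatchesReport = ($h -ieq $ReportSha256)
        }
    }
```

The script only collects; it does not remove anything. On a production host the Run-key section will also list legitimate software, so compare the output against a known-good baseline of the same build rather than treating every row as an indicator.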
