Extracted

• • Target

    [email protected]

  • Size

    1.3MB

  • MD5

    645d774a869c582b2c46beed455321d4

  • SHA1

    e94862c25377373f54ce668051df0d95d3746514

  • SHA256

    21420b8630260dae7f0ea14a319a8b3ae6910def98599109b365f710e835b9c4

  • SHA512

    2c7cc053ed79e52f7e2ae508d2d832e6efa0b9a24dc71158fbc25d829c3d9ad8aa8f5c04e7fff94152dacc04cc1d7604da147ee201d900efcbcc62fe95f15b81

  Score

  10^/10

  xmrigevasionminerransomwarespywarestealer

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig

  • Drops file in Drivers directory

  • Modifies Windows Firewall

    evasion

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  behavioral1behavioral2