Overview

overview

10

Static

static

088fc93c12...a8.exe

windows7_x64

10

088fc93c12...a8.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    088fc93c12a7c71daa62f3b4756b489ad218f8cb2bb92753702b6b1e57291aa8

  • Size

    1.9MB

  • Sample

    210504-2zk47yvc6j

  • MD5

    bd9e745f73bf7fe19145cfb5c25460c0

  • SHA1

    87760bc05ef4290fc06cc3115224dcd1672cfd13

  • SHA256

    088fc93c12a7c71daa62f3b4756b489ad218f8cb2bb92753702b6b1e57291aa8

  • SHA512

    c84cc42e37d6bc4fce8d057cdcfd6c3920f5fd0020ac37db15a8756e05c79e278665a034e353e6d36b9032ee4bd1da2e67e327a9f4381e9d607adc70b3a6c6a7

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      088fc93c12a7c71daa62f3b4756b489ad218f8cb2bb92753702b6b1e57291aa8

    • Size

      1.9MB

    • MD5

      bd9e745f73bf7fe19145cfb5c25460c0

    • SHA1

      87760bc05ef4290fc06cc3115224dcd1672cfd13

    • SHA256

      088fc93c12a7c71daa62f3b4756b489ad218f8cb2bb92753702b6b1e57291aa8

    • SHA512

      c84cc42e37d6bc4fce8d057cdcfd6c3920f5fd0020ac37db15a8756e05c79e278665a034e353e6d36b9032ee4bd1da2e67e327a9f4381e9d607adc70b3a6c6a7

    Score
    10/10
    xmrigminerpersistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks