Overview

overview

10

Static

static

4d689bb1ce...aa.exe

windows7_x64

10

4d689bb1ce...aa.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4d689bb1cec486d7cb4690326c1574aa4f1ca49da725dea24e4f67f7231c5caa

  • Size

    6.7MB

  • Sample

    210504-35f9a16zsx

  • MD5

    8454727909c49e3a9009ebcc72e8837b

  • SHA1

    9154a1f55e429a6fcdb7bdc65b36cf2da28ba5b2

  • SHA256

    4d689bb1cec486d7cb4690326c1574aa4f1ca49da725dea24e4f67f7231c5caa

  • SHA512

    c03465fe933b2d320b49d69996de4d92bcb3705c450bd2d2d598f83b42e3a9fbd9e20720e1ffe6f6a36f731e969efacbe52c338261b42d042c9efd9bb7497f37

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      4d689bb1cec486d7cb4690326c1574aa4f1ca49da725dea24e4f67f7231c5caa

    • Size

      6.7MB

    • MD5

      8454727909c49e3a9009ebcc72e8837b

    • SHA1

      9154a1f55e429a6fcdb7bdc65b36cf2da28ba5b2

    • SHA256

      4d689bb1cec486d7cb4690326c1574aa4f1ca49da725dea24e4f67f7231c5caa

    • SHA512

      c03465fe933b2d320b49d69996de4d92bcb3705c450bd2d2d598f83b42e3a9fbd9e20720e1ffe6f6a36f731e969efacbe52c338261b42d042c9efd9bb7497f37

    Score
    10/10
    persistencexmrigminer

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks