Overview

overview

10

Static

static

77d432c13c...ff.exe

windows7_x64

10

77d432c13c...ff.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    77d432c13c199c55b0f27020884654c2e7907a03c1f8b71c609d25592b2234ff

  • Size

    10.5MB

  • Sample

    210504-a4wzqc54x6

  • MD5

    4cbcfed9e90b05c43770a7c79e0d0099

  • SHA1

    1692a4b989cc00d1c6ccaaeb050ebf71e99d09c5

  • SHA256

    77d432c13c199c55b0f27020884654c2e7907a03c1f8b71c609d25592b2234ff

  • SHA512

    d940b5227076b8284e34e31cd43705b9e275f71cec794f8c1ddb79ca260aa6780fc927b08273b0b21daf442160923e87853ffb64adaf23c0be60b75d2bcd1f4f

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      77d432c13c199c55b0f27020884654c2e7907a03c1f8b71c609d25592b2234ff

    • Size

      10.5MB

    • MD5

      4cbcfed9e90b05c43770a7c79e0d0099

    • SHA1

      1692a4b989cc00d1c6ccaaeb050ebf71e99d09c5

    • SHA256

      77d432c13c199c55b0f27020884654c2e7907a03c1f8b71c609d25592b2234ff

    • SHA512

      d940b5227076b8284e34e31cd43705b9e275f71cec794f8c1ddb79ca260aa6780fc927b08273b0b21daf442160923e87853ffb64adaf23c0be60b75d2bcd1f4f

    Score
    10/10
    persistencexmrigminer

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks