Overview

overview

10

Static

static

d2a0d73079...67.exe

windows7_x64

10

d2a0d73079...67.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2a0d73079c6d5b9b0d6c4aa72b590dca6c16e213c3dc67e77bc909a4cf24667

  • Size

    9.2MB

  • Sample

    210504-dzjxkkqf3s

  • MD5

    b620a1c4d752c094152eb2e1aa8394e4

  • SHA1

    a82133685a64c2914e7127fa97db6142278deb59

  • SHA256

    d2a0d73079c6d5b9b0d6c4aa72b590dca6c16e213c3dc67e77bc909a4cf24667

  • SHA512

    e693951216f8874640e1eeb36742db28923951be276a14b045a71244110bd13a474fedba4ec7a5169a7c201b78a6705a0f8339e3d5772d914e037069a460fdb7

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      d2a0d73079c6d5b9b0d6c4aa72b590dca6c16e213c3dc67e77bc909a4cf24667

    • Size

      9.2MB

    • MD5

      b620a1c4d752c094152eb2e1aa8394e4

    • SHA1

      a82133685a64c2914e7127fa97db6142278deb59

    • SHA256

      d2a0d73079c6d5b9b0d6c4aa72b590dca6c16e213c3dc67e77bc909a4cf24667

    • SHA512

      e693951216f8874640e1eeb36742db28923951be276a14b045a71244110bd13a474fedba4ec7a5169a7c201b78a6705a0f8339e3d5772d914e037069a460fdb7

    Score
    10/10
    persistencexmrigminer

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks