Overview

overview

10

Static

static

75f0f24bfd...e0.exe

windows7_x64

10

75f0f24bfd...e0.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75f0f24bfda793665529380f798f55197739232c9445324ba8e1dcf6f47d51e0

  • Size

    5.4MB

  • Sample

    210504-kh7hba54yn

  • MD5

    11e5119eec367d6749fb1cc364a3ca8c

  • SHA1

    ef143a9b2839c596278ded143268a26db099b4e7

  • SHA256

    75f0f24bfda793665529380f798f55197739232c9445324ba8e1dcf6f47d51e0

  • SHA512

    b03451fabb47dc7dbb7de430b169bbb47e772b46413c4a04655542b4b5ec4603a9a25db3764c122a1d60de2b2218d1f1de61a9b65226ca2f84b9c8ad27ad8c58

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      75f0f24bfda793665529380f798f55197739232c9445324ba8e1dcf6f47d51e0

    • Size

      5.4MB

    • MD5

      11e5119eec367d6749fb1cc364a3ca8c

    • SHA1

      ef143a9b2839c596278ded143268a26db099b4e7

    • SHA256

      75f0f24bfda793665529380f798f55197739232c9445324ba8e1dcf6f47d51e0

    • SHA512

      b03451fabb47dc7dbb7de430b169bbb47e772b46413c4a04655542b4b5ec4603a9a25db3764c122a1d60de2b2218d1f1de61a9b65226ca2f84b9c8ad27ad8c58

    Score
    10/10
    xmrigminerpersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks