General

  • Target

    97815160_by_Libranalysis

  • Size

    7.9MB

  • Sample

    210505-ex2j1hj93a

  • MD5

    97815160604ae98f2e532fba2144991f

  • SHA1

    c742f710017c59ead50019d7e8b2ee2d13ddc2c3

  • SHA256

    eade7c6101905efdc8d9b508485675f77149e4384b6f00765a342f61ada3886c

  • SHA512

    e5309b34a9e7c96d32b141b8930caeb4e96033f7adc50081ed1210c5b05b6e40c6da0f17f1e061b04cf0aa4b1827822b2ad58cfffbbcf275db3e35e8ea97c484

Score
10/10

Malware Config

Targets

    • Target

      97815160_by_Libranalysis

    • Adds autorun key to be loaded by Explorer.exe on startup

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    Registry Run Keys / Startup Folder, T1060 (1)

  • Defense Evasion

    Modify Registry, T1112 (1)
