General
-
Target
c0ad70f9_by_Libranalysis
-
Size
12.3MB
-
Sample
210505-gysdfxsysj
-
MD5
c0ad70f9c2b3620dd629c84220f06181
-
SHA1
74459e1ef6e7b892ac1a68a222e36263ebcd01db
-
SHA256
4b9afe0a9750dec2d7dc5191281107337cfd58514cc45c794f00827db79df003
-
SHA512
aa01d45f51000177d2bf6034c2ebaacc4309a858f2148845acb67fe4ba582c7adc48aac4cc89437cecb5b4d794304c30d3cdfdfe163743ce5c4cb6e38cad7f91
Behavioral task
behavioral1
Sample
c0ad70f9_by_Libranalysis.exe
Resource
win7v20210410
Malware Config
Targets
-
Target
c0ad70f9_by_Libranalysis
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops file in System32 directory
-