General
Target: notepad.exe
Size: 2.8MB
Sample: 210505-nmwgqew83n
MD5: 4930920087503d221d8bb13e1514620b
SHA1: 07e2d9be6cce22e6b1b44992acf2d536c3675e07
SHA256: 5cf202837c24442de4f09ee9a152c77f911b405541fd30567bcc370ef61f5f75
SHA512: 9204d17902fb794600e5efb538f0269340393a84cf3c72ceb27884ab1f5f215a46c42a9f5de457167953d9bcdf7148d9a3b12d22812347af20e5e073a2802f0f
Static task: static1
Behavioral task: behavioral1
Sample: notepad.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: notepad.exe
Resource: win10v20210408
Malware Config
Targets
Target: notepad.exe
XMRig Miner Payload
Drops startup file
Suspicious use of SetThreadContext