General

  • Target

    csrss.exe

  • Size

    1MB

  • Sample

    210506-vbz27w95r6

  • MD5

    c952383a9e62b399001ebbb03468d786

  • SHA1

    1e45c19599479a6673c137ed59386b56696b4949

  • SHA256

    f45992d5769523b5380d45fe1a40f2c921eabf98b695d2c2b272bcde12cab75e

  • SHA512

    77eb2aeff62b52ec958315b46b7efb70574d2f42e7d2819cef615e0849e9f94bcd8a99113253213a9bd696e56e4024ce5e1f1a896f17d8ad0713a3955610f547

Score
10/10

Targets

    • Target

      csrss.exe

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner Payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops startup file

    • Suspicious use of SetThreadContext
