General
- Target: taskhost.exe
- Size: 2.8MB
- Sample: 210507-d85xsajxxs
- MD5: 4d07687083cbaa9c4f9ed49ce324a74b
- SHA1: b56252678f52db028b3731de9940bffe4d666fcc
- SHA256: fd262d6c99b548dc34af6c75ec941894432781cbd760e8213be95ce65f1a7bba
- SHA512: 07962b7d646a6e2d8c570da102a1bbd960c81df22c5681b39c49b307a9cf2a4dfea8e607f5be40c43a5828ba15d1c4ada76ebc95d0f6d540e2d0b86a32d41ba7
Static task: static1
Behavioral task: behavioral1
- Sample: taskhost.exe
- Resource: win7v20210408
Behavioral task: behavioral2
- Sample: taskhost.exe
- Resource: win10v20210408
Malware Config
Targets
- XMRig Miner Payload
- Drops startup file
- Suspicious use of SetThreadContext