General

  • Target

    notepad.exe

  • Size

    2.8MB

  • Sample

    210507-gpcsx3m82j

  • MD5

    36ea032886448b2a1e55a93594c1eba3

  • SHA1

    9a9c0c66a5a7bbedaf75e3a09670f0307674419b

  • SHA256

    0e8fe646dfc58cda3a87d1d236a72708b268878ecf78d7dc77443c6814d66145

  • SHA512

    7e7e4592dd2fdf1b89dee548688932b2fc1fdc11f26ad67bb66b716b2511d9c81b36a9965c51f149702ec49f9e5035dfcf664a802d410f96994607387df416db

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner Payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops startup file

    • Suspicious use of SetThreadContext
