General
Target: notepad.exe
Size: 2.8MB
Sample: 210507-gpcsx3m82j
MD5: 36ea032886448b2a1e55a93594c1eba3
SHA1: 9a9c0c66a5a7bbedaf75e3a09670f0307674419b
SHA256: 0e8fe646dfc58cda3a87d1d236a72708b268878ecf78d7dc77443c6814d66145
SHA512: 7e7e4592dd2fdf1b89dee548688932b2fc1fdc11f26ad67bb66b716b2511d9c81b36a9965c51f149702ec49f9e5035dfcf664a802d410f96994607387df416db
Static task: static1
Behavioral task: behavioral1
Sample: notepad.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: notepad.exe
Resource: win10v20210410
Malware Config
Targets
Target: notepad.exe
XMRig Miner Payload
Drops startup file
Suspicious use of SetThreadContext