General
Target: xmr.exe
Size: 1.8MB
Sample: 210507-hgkq144yrn
MD5: b1e29e528a7510be3c04dcff622f63ab
SHA1: ae8a2d88a4b0bcd8a11364be5a687f2a2a86d83a
SHA256: a98ccb74c29d4e6c3929cfea2f157dd53ce9c3ea67bd25934aab24f416ce9d13
SHA512: e7f59ab406d79832dacd0c4bdeb4bbbe8cc626bcf247502f8a817d2f2e39449450806976f5cb725a35f1bb1a58ef41488b32d6aea9cf3a54590c7989d3696040
Static task: static1
Behavioral task: behavioral1
Sample: xmr.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: xmr.exe
Resource: win10v20210410
Malware Config
Targets
Target: xmr.exe
XMRig Miner Payload
Drops startup file
Suspicious use of SetThreadContext