General

  • Target

    xmr.exe

  • Size

    1.8MB

  • Sample

    210507-hgkq144yrn

  • MD5

    b1e29e528a7510be3c04dcff622f63ab

  • SHA1

    ae8a2d88a4b0bcd8a11364be5a687f2a2a86d83a

  • SHA256

    a98ccb74c29d4e6c3929cfea2f157dd53ce9c3ea67bd25934aab24f416ce9d13

  • SHA512

    e7f59ab406d79832dacd0c4bdeb4bbbe8cc626bcf247502f8a817d2f2e39449450806976f5cb725a35f1bb1a58ef41488b32d6aea9cf3a54590c7989d3696040

Score
10/10

Targets

    • Target

      xmr.exe

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner Payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops startup file

    • Suspicious use of SetThreadContext
