General

  • Target

    activation.exe

  • Size

    2.2MB

  • Sample

    210507-ks4evjys72

  • MD5

    2a8053b9d54341d3034b16e41c42885f

  • SHA1

    d7f4188ce05d608cbbe5960b01cc2429351ae607

  • SHA256

    0fb3b99e498638894f8a39cb9235108012e6820afb9f96dee7de733f7095f4ef

  • SHA512

    38de1d1901bfa0c0be33d7729700315f1506a562f19788de99460e428995de28668f45a2a6c93cd5ddd875f032de5ba4b9970006b0355a115ae63f888ac04827

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner Payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                Technique                     Count  ID
  Execution             Scheduled Task                1      T1053
  Persistence           Scheduled Task                1      T1053
  Privilege Escalation  Scheduled Task                1      T1053
  Discovery             System Information Discovery  1      T1082

Tasks