General
Target: aa.exe
Size: 28.1MB
Sample: 210507-q3gwart18x
MD5: 8d9d7f5babe3ee15f2e93a4321fa45cf
SHA1: 689d53ae66e75e0b5715c0d04a7cab20e5390790
SHA256: c4d49491a43ee26c28633a786a88812b293a3712414ddb5a7bcb81de026d73ee
SHA512: 12e23c78465c65364b00df5685ea8b4e7a3b4ab2832bed18311b535a54ed48d0bd07c8b72474b43dc95893c6dea2261abeaf41c20683c923f43c4562f1bf3c91
Behavioral task: behavioral1
Sample: aa.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: aa.exe
Resource: win10v20210410
Malware Config
Targets
Target: aa.exe
Score: 10/10
Modifies WinLogon for persistence
XMRig Miner Payload
Creates new service(s)
Executes dropped EXE
Deletes itself
Loads dropped DLL