General
-
Target
446.exe
-
Size
32KB
-
Sample
210507-wkt3p52r9e
-
MD5
1ad4a95949bcea5fc59d635f020e39fc
-
SHA1
60d6ffd37ce2642ea8699cb0d13e940e4c08619f
-
SHA256
4021b25dc6a32dc9157ee22bcf818f9eca8fe0d304ab1b436ea71eefbff92920
-
SHA512
0615fc8007cf43ba3d9ed0d86ccf07ff88f4d89c7dc2d88592f12a8e186c5255029e64376fa84781aad576cedc37c826865c719c6a159e2a7e713c92c204f32f
Malware Config
Targets
-
-
Target
446.exe
-
Size
32KB
-
MD5
1ad4a95949bcea5fc59d635f020e39fc
-
SHA1
60d6ffd37ce2642ea8699cb0d13e940e4c08619f
-
SHA256
4021b25dc6a32dc9157ee22bcf818f9eca8fe0d304ab1b436ea71eefbff92920
-
SHA512
0615fc8007cf43ba3d9ed0d86ccf07ff88f4d89c7dc2d88592f12a8e186c5255029e64376fa84781aad576cedc37c826865c719c6a159e2a7e713c92c204f32f
Score10/10-
RunningRat
RunningRat is a remote access trojan first seen in 2018.
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-