General

  • Target

    14e353c6693d3ef687d19d63fd6a4799.exe

  • Size

    112KB

  • Sample

    210510-6vtwrrt6va

  • MD5

    14e353c6693d3ef687d19d63fd6a4799

  • SHA1

    7fd96d9c3fe390a4a89980173e235167dfafef16

  • SHA256

    a27c3c08c44a620f56ea19c17df3151e7a3cc59630732087f79e93bcd567085f

  • SHA512

    86c7dd95e42c26bcd03dc97c8d34753117116da5a84fdcb8fb509e6fcd19947b927d219ca385b7be2d495d508577c621629600eb4dfa447a72e7d350be494574

Targets

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    System Information Discovery (T1082): 1

    Remote System Discovery (T1018): 1