Overview

overview

10

Static

static

39a8becef6...36.exe

windows7_x64

8

39a8becef6...36.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39a8becef66ccb3da484d4086b7c477d6d7a719055facef105ad8bed55764636

  • Size

    428KB

  • Sample

    210513-4dzrxcwq3s

  • MD5

    1b851741db97887f9c1232602b462a90

  • SHA1

    1523dff727c1bb11f1b16a45b6fe4a8334eaaab5

  • SHA256

    39a8becef66ccb3da484d4086b7c477d6d7a719055facef105ad8bed55764636

  • SHA512

    6a71699dda1b3bd4f6d02ce4fcd88a7998ec2d301cb844ab74caa5a4ae446e7d953c97f5e75673630dccebbd4e7bffb10fa75083f45cc01630b389fea4b37a97

Score
10/10
xmrigmacrominerpersistencexlm

Malware Config

Targets

    • Target

      39a8becef66ccb3da484d4086b7c477d6d7a719055facef105ad8bed55764636

    • Size

      428KB

    • MD5

      1b851741db97887f9c1232602b462a90

    • SHA1

      1523dff727c1bb11f1b16a45b6fe4a8334eaaab5

    • SHA256

      39a8becef66ccb3da484d4086b7c477d6d7a719055facef105ad8bed55764636

    • SHA512

      6a71699dda1b3bd4f6d02ce4fcd88a7998ec2d301cb844ab74caa5a4ae446e7d953c97f5e75673630dccebbd4e7bffb10fa75083f45cc01630b389fea4b37a97

    Score
    10/10
    macropersistencexlmxmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

      macroxlm

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks