Overview

overview

10

Static

static

72e78026a6...ed.exe

windows7_x64

8

72e78026a6...ed.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72e78026a689d2c19d4f8b114826b848dbd7b9a3e61b2b67bdb67e251f4312ed

  • Size

    507KB

  • Sample

    210513-nyjd1jqas2

  • MD5

    23b72853593ab99c7b8e48fcd808d4e4

  • SHA1

    b3384c345f9732bf33827c037af3c0bc7bc94ebb

  • SHA256

    72e78026a689d2c19d4f8b114826b848dbd7b9a3e61b2b67bdb67e251f4312ed

  • SHA512

    eb5e6fa0b5251cfdea345aa64c77b44779fda40299822aa78333ddc8d1dfef0ba78937f3785847869fba68627f938117a04155d3b54842f16d5100ab58b7f10b

Score
10/10
xmrigmacrominerpersistencexlm

Malware Config

Targets

    • Target

      72e78026a689d2c19d4f8b114826b848dbd7b9a3e61b2b67bdb67e251f4312ed

    • Size

      507KB

    • MD5

      23b72853593ab99c7b8e48fcd808d4e4

    • SHA1

      b3384c345f9732bf33827c037af3c0bc7bc94ebb

    • SHA256

      72e78026a689d2c19d4f8b114826b848dbd7b9a3e61b2b67bdb67e251f4312ed

    • SHA512

      eb5e6fa0b5251cfdea345aa64c77b44779fda40299822aa78333ddc8d1dfef0ba78937f3785847869fba68627f938117a04155d3b54842f16d5100ab58b7f10b

    Score
    10/10
    macropersistencexlmxmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

      macroxlm

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks