General
-
Target
978dbbcd7fe5aef66e208b49220efe402292abb56754dd81ba61c10ec9bcc357
-
Size
11.9MB
-
Sample
210513-yg4xasm1cx
-
MD5
b5072febf349daf9ec3efb305e919bbb
-
SHA1
f897d5d432849eba226148bd301b19e6ded7c67a
-
SHA256
978dbbcd7fe5aef66e208b49220efe402292abb56754dd81ba61c10ec9bcc357
-
SHA512
bc46f4c9b859a47a60de9d99df7a8084c96373238e505122a222f0f9fbb89514adf29d247b622714c82be726866a9463dcbb2bb9d8fd88a63cd02ac2f1b2839c
Static task
static1
Behavioral task
behavioral1
Sample
978dbbcd7fe5aef66e208b49220efe402292abb56754dd81ba61c10ec9bcc357.exe
Resource
win7v20210410
Malware Config
Targets
-
-
Target
978dbbcd7fe5aef66e208b49220efe402292abb56754dd81ba61c10ec9bcc357
-
Size
11.9MB
-
MD5
b5072febf349daf9ec3efb305e919bbb
-
SHA1
f897d5d432849eba226148bd301b19e6ded7c67a
-
SHA256
978dbbcd7fe5aef66e208b49220efe402292abb56754dd81ba61c10ec9bcc357
-
SHA512
bc46f4c9b859a47a60de9d99df7a8084c96373238e505122a222f0f9fbb89514adf29d247b622714c82be726866a9463dcbb2bb9d8fd88a63cd02ac2f1b2839c
-
XMRig Miner Payload
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-