Overview

overview

10

Static

static

SecuriteIn...58.exe

windows7_x64

10

SecuriteIn...58.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.721.2973.1958

  • Size

    2.2MB

  • Sample

    210610-jlzbpevpm6

  • MD5

    bd8eaab97c1724a00678af57bfa1c060

  • SHA1

    075a96004a9a974ffd40254fbf36049cc9f0f940

  • SHA256

    1ed5337566938228ee9afcad29b1f722d55f4f8172a3157af4d4ad913541b2ea

  • SHA512

    d085a9c1a937c22e8bd2ed73e29cdc662723d88c83e6a0b8a7b90b67e61c92e8ae241c3237d51f1ad591e4f57cc0ec44de6d2c70f71e0af36e47dec79f514bda

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.PackedNET.721.2973.1958

    • Size

      2.2MB

    • MD5

      bd8eaab97c1724a00678af57bfa1c060

    • SHA1

      075a96004a9a974ffd40254fbf36049cc9f0f940

    • SHA256

      1ed5337566938228ee9afcad29b1f722d55f4f8172a3157af4d4ad913541b2ea

    • SHA512

      d085a9c1a937c22e8bd2ed73e29cdc662723d88c83e6a0b8a7b90b67e61c92e8ae241c3237d51f1ad591e4f57cc0ec44de6d2c70f71e0af36e47dec79f514bda

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks