General
Target: notepad.exe
Size: 2.4MB
Sample: 210627-4hh5k7kjtn
MD5: 75feb6ec8f3d9384a9deb3c93fa82f27
SHA1: ba3e132f4969aa558b8af94d5af0021c4fae9da2
SHA256: 075346be97ddeb27face2c0ebb99da807fb0c03379d3c39c9e3632501f6b19b0
SHA512: 4e505e7f2dde0df215eb7cc77c4ef0147f1dbd2233e921a1d04f288a86b120089e67ce5320388c34173b0b05b5f5501e9dbd6db4d64540baf50900e838d1f881
Static task: static1
Behavioral task: behavioral1
Sample: notepad.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: notepad.exe
Resource: win10v20210410
Malware Config
Targets
Target: notepad.exe
XMRig Miner Payload
Drops startup file
Suspicious use of SetThreadContext