General
Target: mainplg.exe
Size: 8.3MB
Sample: 210627-nb4wdeb9k2
MD5: d86922868602b785f595f06a0fe875bf
SHA1: 3bf566c302d65d9a0ce8ba8464935b4594885d88
SHA256: a4d4332bfa88880a57d2aabf980ffa67ba399ca922c6d13a59e2577dbd80fc53
SHA512: c5566eabab40a6be70e976f3fb312cccf40be7f46ac53cb63cf0068678f989e8dfea4adf6b097f1f392116141e2989a1d5bd184242398b3113c2ff45096d2e6a
Static task: static1
Behavioral task: behavioral1
Sample: mainplg.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: mainplg.exe
Resource: win10v20210410
Malware Config
Targets
XMRig Miner Payload
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext