Overview

overview

10

Static

static

8

662829f326...c7.exe

windows7_x64

10

662829f326...c7.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6680268274171904.zip

  • Size

    4.0MB

  • Sample

    210628-xt7nrwrbha

  • MD5

    f6dd6ad7360217e7d15048ad2a812d91

  • SHA1

    5c37c8d3ebe9e442cf7e319c2250a60f6e252e12

  • SHA256

    10c791c817e6cd7f487caf0b3f3d0be5a9afbba736cc6f7c25c641ff66124d0f

  • SHA512

    e35077f493c885927356a6c231cc070c11d4842603e61720c3d3d4367a606814562f4a20b6ed17a95a2902fdc1ca0754fe6de9261348f021f071fe981f00cfbc

Score
10/10
xmrigminerpersistenceupx

Malware Config

Targets

    • Target

      662829f326d96dac4f92e2d0e7fac7568671bda4582c4f4619bfbab289cdddc7

    • Size

      7.7MB

    • MD5

      db2043ebdadd10f3960ad7886369db27

    • SHA1

      37208b9e58a1425dc1a7f4242fb5e115724e7d9c

    • SHA256

      662829f326d96dac4f92e2d0e7fac7568671bda4582c4f4619bfbab289cdddc7

    • SHA512

      105dea00fab0f6b22dd9b565d34c4e14df723e7075404093e29fc1854cb8ef9b0f2e85b9e2bf0c22d411bbd3609556741f6abfd8c9eee728dc6f52a70e3a2ff5

    Score
    10/10
    xmrigminerpersistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Drops file in Drivers directory

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks