Overview

overview

10

Static

static

357a1d94af...b6.exe

windows7_x64

10

357a1d94af...b6.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    357a1d94af889c7d73ca1a767222066f3550e007c7f52d3f83895fc5bf2e17b6.exe

  • Size

    93KB

  • Sample

    210629-ccag6pwlpa

  • MD5

    5c37355f4e6e623f3c097711ba48f136

  • SHA1

    363099caa5941f78a9912925963c54ad386f0c44

  • SHA256

    357a1d94af889c7d73ca1a767222066f3550e007c7f52d3f83895fc5bf2e17b6

  • SHA512

    a293f6f761c1a7d65964b8d6aff32c60f4b289327779d3c6286718656101d4882d3e123840e4bb34c0c57be924768ca57bb7df2a0021a4b0088b4a3b1892860b

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      357a1d94af889c7d73ca1a767222066f3550e007c7f52d3f83895fc5bf2e17b6.exe

    • Size

      93KB

    • MD5

      5c37355f4e6e623f3c097711ba48f136

    • SHA1

      363099caa5941f78a9912925963c54ad386f0c44

    • SHA256

      357a1d94af889c7d73ca1a767222066f3550e007c7f52d3f83895fc5bf2e17b6

    • SHA512

      a293f6f761c1a7d65964b8d6aff32c60f4b289327779d3c6286718656101d4882d3e123840e4bb34c0c57be924768ca57bb7df2a0021a4b0088b4a3b1892860b

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks