Overview

overview

10

Static

static

ddd1b892ca...c6.exe

windows7_x64

10

ddd1b892ca...c6.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ddd1b892cae78b0b9759353bc4f0b2c6

  • Size

    174KB

  • Sample

    210707-gp1fnt4w4a

  • MD5

    ddd1b892cae78b0b9759353bc4f0b2c6

  • SHA1

    29b088bc617ce93293700232ba864ecc4e5c5493

  • SHA256

    fb49ad3836c334d8d06a36a45994eaa52d7629ecbf765fe46aa53825aef56e56

  • SHA512

    34f60296876e38703027b41f40b2d243a7658693ffb24a7dc71776ae5ec88d0a78f28686fe1ea3598b08287529fbfdccbd4644cb9e3cf620cdab7624dd54a5eb

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      ddd1b892cae78b0b9759353bc4f0b2c6

    • Size

      174KB

    • MD5

      ddd1b892cae78b0b9759353bc4f0b2c6

    • SHA1

      29b088bc617ce93293700232ba864ecc4e5c5493

    • SHA256

      fb49ad3836c334d8d06a36a45994eaa52d7629ecbf765fe46aa53825aef56e56

    • SHA512

      34f60296876e38703027b41f40b2d243a7658693ffb24a7dc71776ae5ec88d0a78f28686fe1ea3598b08287529fbfdccbd4644cb9e3cf620cdab7624dd54a5eb

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks