General
- Target: mesteru.exe
- Size: 6.6MB
- Sample: 210716-3rhwrcsgdj
- MD5: a0985ad40fc19ace07cc89ed1bc929b6
- SHA1: 53b35956e71e2d7562eadc502dd8fe3e5aab62a6
- SHA256: 7caf0b1c98a3c91c4bac3e7f695834f19798d6a8eb44edc988d4cb0cd88dc016
- SHA512: 2c14fc6789e2e96bff0a2c2099edd983ca5a86a4466bd15fce19b3df3479e434649449264159e08c981d8dbbc9927effede19ba4995290b52cede15ca07c4c97
Static task
static1
Malware Config
Targets
- Target: mesteru.exe
- Suspicious use of NtCreateProcessExOtherParentProcess
- XMRig Miner Payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2