General
Target: cf76b458a0d294caf87cfc6d6c0f0269fe4d0b5a149c11933dc3f5897ef8bd64
Size: 13.7MB
Sample: 210716-5rgn63v2x6
MD5: 31f47d08ddb80472b7c66a253cabe6be
SHA1: fc694ea2c7afd8c8da90277310a6ab766954144e
SHA256: cf76b458a0d294caf87cfc6d6c0f0269fe4d0b5a149c11933dc3f5897ef8bd64
SHA512: 8ee742756fdfd592b9504f73b7dc28cd06919d8c900a708b4a8b85ccb230de4a0e07f1469c0b52827fb5dc6982a47674f6ece249a8ec0669b378b4544d01cb4b
Static task: static1
Behavioral task: behavioral1
Sample: cf76b458a0d294caf87cfc6d6c0f0269fe4d0b5a149c11933dc3f5897ef8bd64.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: cf76b458a0d294caf87cfc6d6c0f0269fe4d0b5a149c11933dc3f5897ef8bd64.exe
Resource: win10v20210408
Malware Config
Targets
XMRig Miner Payload
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext