General
Target: 2bdd7b1248e121f05616fe3e3760a0fe18e0b05ced118fe7ce12f913df2361db
Size: 14.8MB
Sample: 210716-k48g3xm9vn
MD5: 98ebf84c4cde159c9a70cf371b64275b
SHA1: 9cf16fab93c58bd1bc4be454f00e67a1fe19e791
SHA256: 2bdd7b1248e121f05616fe3e3760a0fe18e0b05ced118fe7ce12f913df2361db
SHA512: 27e19d56f0024270cd4c367bd9f8865e307987be8f3267f3ca47a9d77c9847338ccc6ba5e2c1e8aadc414f0a12798ddfcd3f9e24c164259ea181b76d89684d26
Static task: static1
Behavioral task: behavioral1
Sample: 2bdd7b1248e121f05616fe3e3760a0fe18e0b05ced118fe7ce12f913df2361db.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 2bdd7b1248e121f05616fe3e3760a0fe18e0b05ced118fe7ce12f913df2361db.exe
Resource: win10v20210408
Malware Config
Targets
Target: 2bdd7b1248e121f05616fe3e3760a0fe18e0b05ced118fe7ce12f913df2361db
XMRig Miner Payload
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext