Overview

overview

10

Static

static

mixazed_20...55.exe

windows7_x64

10

mixazed_20...55.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixazed_20210716-064155

  • Size

    3.2MB

  • Sample

    210716-sy2h656fe6

  • MD5

    de6e656ad1ffb89f617d238832c50801

  • SHA1

    47ff4c89cddc2e70cbe4b9387799a241029d5db4

  • SHA256

    6d62f6223f2181d3bd0030f22fdef5776b7021cfdfca848259e30c0874629b89

  • SHA512

    eea7036bd6d1d28c1db92dc37028eef685ca5e113053f1ac9590a085e70bd3020d712ef96e1a1e7a3389b54275fd0def0a916da9b20c8989a23ff2ceff19ca87

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      mixazed_20210716-064155

    • Size

      3.2MB

    • MD5

      de6e656ad1ffb89f617d238832c50801

    • SHA1

      47ff4c89cddc2e70cbe4b9387799a241029d5db4

    • SHA256

      6d62f6223f2181d3bd0030f22fdef5776b7021cfdfca848259e30c0874629b89

    • SHA512

      eea7036bd6d1d28c1db92dc37028eef685ca5e113053f1ac9590a085e70bd3020d712ef96e1a1e7a3389b54275fd0def0a916da9b20c8989a23ff2ceff19ca87

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks