General
- Target: Software updated v2.5.1.rar
- Size: 127KB
- Sample: 210717-a5882wjvca
- MD5: 829a786929f96ab2ecfc5b321f8edf66
- SHA1: 2f772ee55dafeaf3d420e0c30bac1e50a8a14862
- SHA256: 60cc0c28611a4e7c41c68f31e82e9e39854fb944a813ea397b466c0e0c5028ea
- SHA512: 62be5027a513d9e361b0d23045da8bad17ed84b87327c3566570f12a893bb603de187eb130d437a8981b2efacc9b8a1b023cce8f9cd097b2c0e1fbe5906e464a
- Static task: static1
- Behavioral task: behavioral1
- Sample: Software updated v2.5.1.exe
- Resource: win7v20210410
Malware Config
Targets
- Target: Software updated v2.5.1.exe
- Size: 239KB
- MD5: e2aae986a720ccf6e5daba1ce4e9856c
- SHA1: 2fe4fee5bebf4f2edf8163a976dee67d7b811bc7
- SHA256: 1a6b940931599ed986c41e9eccd550061a7f43624c91e5fbc41360508a27d07b
- SHA512: 10046f18e6fc175503b2621a3178ae21a7117dd3febc78c78aaf2bd54ced9cb6fda2c0385db9f5fbe5d8cbbe4d8c5b15a5d8456a3a1a1024c598237df6dd3c2f

- XMRig Miner Payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext