General
Target: Dristalix.rar
Size: 6.2MB
Sample: 210717-v7jrd6cfhn
MD5: b9e0d550a387011614e96eee7894f44a
SHA1: a3a6abcb75c80cd123b137255a22ed55fd827e10
SHA256: c0f2713b2cb88cbfc7b59f97876eaa064a9b43b4ec6cbb12bcd78e20e56f464a
SHA512: f7c2782b5e093505f6adde5931a830eb6d9bb522e2c32a7812854063654563750c46bcb20af57ccd3e427ed4a667c021c4bfd2a86a279cf7961658ea106d3438
Static task: static1
Behavioral task: behavioral1
Sample: Cristalix/Cristalix_New_t.exe
Resource: win7v20210410
Malware Config
Targets
Target: Cristalix/Cristalix_New_t.exe
Size: 6.5MB
MD5: c2b39eba635ba5dc92c1a7aaf6999be3
SHA1: 65800969eb6066c6d3632b176d2c7bb97664a69a
SHA256: e3bdbc55c8c0d6eb4c87bf3f3670fbb58d6ed8d87d5feb21b502298532a45fbb
SHA512: 611cc6eaadb361cb4a37915c964778d5caa307027d406295cce41986133c682b1b446f65af156a1ab71c8aacda8934ac3cd29c51e0771340553eac3d6a1d5f61
- XMRig Miner Payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext