Overview

overview

10

Static

static

eb9f90fdaf...bd.exe

windows7_x64

10

eb9f90fdaf...bd.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb9f90fdaf8f78ff76132098d17fd0bd

  • Size

    45KB

  • Sample

    210723-x9jxven8c2

  • MD5

    eb9f90fdaf8f78ff76132098d17fd0bd

  • SHA1

    516bbca9d82ae9e8d35a5120cf16b95d87a8c35a

  • SHA256

    479579cc0f9ecdbcdb6d8df674940a411a0fdaa9ab66fc87db6a24658f979204

  • SHA512

    fab644025e6f4e5d8761a3597bb166a2b14b0da0be01edda0194c9b634f3e9ca3dad45ff83342e61d37a0813b96e0a52455f19eca479fc62cefa3fc09410e13d

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      eb9f90fdaf8f78ff76132098d17fd0bd

    • Size

      45KB

    • MD5

      eb9f90fdaf8f78ff76132098d17fd0bd

    • SHA1

      516bbca9d82ae9e8d35a5120cf16b95d87a8c35a

    • SHA256

      479579cc0f9ecdbcdb6d8df674940a411a0fdaa9ab66fc87db6a24658f979204

    • SHA512

      fab644025e6f4e5d8761a3597bb166a2b14b0da0be01edda0194c9b634f3e9ca3dad45ff83342e61d37a0813b96e0a52455f19eca479fc62cefa3fc09410e13d

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks