General
Target: 4c02eaf72087d84609c6a3ab2b1f937b9610cfce1c088480efef333c788f2115
Size: 164KB
Sample: 210926-ns5e2aefeq
MD5: d649d038cbf42befb5e8a84c0c0409df
SHA1: cb7c56f0e704a6d0ea3e30cf3cc5b3db5b14a617
SHA256: 4c02eaf72087d84609c6a3ab2b1f937b9610cfce1c088480efef333c788f2115
SHA512: 4ee8b9a76e54a7b4cfbb1e32f61095ba4dac4a046612f263ca7bb63d302660f7f8c05c6f11c038f62d6541919f37cb8ac5b7b205ecd05a072c8e8dba956fe4ed
Static task
static1
Malware Config
Targets
Target: 4c02eaf72087d84609c6a3ab2b1f937b9610cfce1c088480efef333c788f2115
- XMRig Miner Payload
- Creates new service(s)
- Executes dropped EXE
- Modifies Windows Firewall
- Sets service image path in registry
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext