General
Target: f0ad2d31776715ecfcb4b4fda968cab8c8ac875f530bf5ff199b82c147f861b8
Size: 164KB
Sample: 210926-p8v2zaegeq
MD5: bd7bd7a952e266a38fda3a94ed6e9e32
SHA1: 4a97b8a2b2039cb881e3a593572dae987c1eece1
SHA256: f0ad2d31776715ecfcb4b4fda968cab8c8ac875f530bf5ff199b82c147f861b8
SHA512: 2972fb78e5574d447446aba5590aee8938f30dd8a85d9d6baf520de66379f95db5e885a21e35fff00e0d441091788cb8301ab26c69db87a3e6a1fbc7c342968f
Static task
static1
Malware Config
Targets
Target: f0ad2d31776715ecfcb4b4fda968cab8c8ac875f530bf5ff199b82c147f861b8
- XMRig Miner Payload
- Creates new service(s)
- Executes dropped EXE
- Modifies Windows Firewall
- Sets service image path in registry
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext