General
-
Target
2cd6a8c3f5d0d58e30ec39a6343eddc7cbd86ee00b8ccb3b8de51683e0c411d5
-
Size
154KB
-
Sample
210926-ztbd5afcdr
-
MD5
c782296b3f9a63691d54252f4b0daa4c
-
SHA1
b633d722bbdde0526469c1032fab16f31a368b72
-
SHA256
2cd6a8c3f5d0d58e30ec39a6343eddc7cbd86ee00b8ccb3b8de51683e0c411d5
-
SHA512
ea04bd7bed35738efa5277e35cc6f6f3a31a6d0fcc7939d792d7314fa6df08ed7358077f4de9465555de4e9d9b3fb0692055b4c34538a28ca3bc71b0c35856ad
Static task
static1
Malware Config
Targets
-
-
Target
2cd6a8c3f5d0d58e30ec39a6343eddc7cbd86ee00b8ccb3b8de51683e0c411d5
-
Size
154KB
-
MD5
c782296b3f9a63691d54252f4b0daa4c
-
SHA1
b633d722bbdde0526469c1032fab16f31a368b72
-
SHA256
2cd6a8c3f5d0d58e30ec39a6343eddc7cbd86ee00b8ccb3b8de51683e0c411d5
-
SHA512
ea04bd7bed35738efa5277e35cc6f6f3a31a6d0fcc7939d792d7314fa6df08ed7358077f4de9465555de4e9d9b3fb0692055b4c34538a28ca3bc71b0c35856ad
-
XMRig Miner Payload
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-