General

  • Target: 342ef4f2941187bdc7f66d148be0ff75
  • Size: 2MB
  • Sample: 211014-fskfvsgcb8
  • MD5: 342ef4f2941187bdc7f66d148be0ff75
  • SHA1: 7ff601a24c42ec01ef62c097927688a431c5aa76
  • SHA256: 046976da5783b0425976084bc16ababee1094e98a1f0648fc10c91dcf49bc395
  • SHA512: 84d9c5c7b83481e18efeecf8814bd050fd283dc1408a9a02fdc786ae2f8f08355ff87e24ab47a75e08291f0d75e8ae6747bb247e6a8859e8662d1999454605b2

Score: 10/10

Malware Config

Targets

    • Target: 342ef4f2941187bdc7f66d148be0ff75 (2MB; hashes as listed under General)

    Score: 10/10
    • xmrig: XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner Payload
    • Blocklisted process makes network request
    • Executes dropped EXE
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                 Technique        Count   ID
  Execution              Scheduled Task   1       T1053
  Persistence            Scheduled Task   1       T1053
  Privilege Escalation   Scheduled Task   1       T1053

Tasks