General

  • Target

    SugarLogic_#teamtnt_by_@r3dbU7z (archive; file extension not recoverable from the page)

  • Size

    23.6MB

  • Sample

    211029-xtncksafbp

  • MD5

    7aee2b8a5260b302891cffddc0652371

  • SHA1

    30edd1f3589dec98c4410d91920db206ae58453c

  • SHA256

    317806eaebb1cec9ddb962ef7fa19ee0673a67db3a8c7d650d76885041031ce8

  • SHA512

    988597537836a0e36d60aeecb1ceed76743c487c71a01d5c54b42f70e0d5bdeac10e6183749381e132c7ccf288b45013eed8635314a32d17b4b281243843cb5f

Targets

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/TNTb/aarch64

    • Size

      93KB

    • MD5

      777e1d9b717d339a7582e06ab28d0dd3

    • SHA1

      2dedafccec26c368ed4aa7ae30971996577435e4

    • SHA256

      95809d96f85e1571a3120c7c09a7f34fa84cb5902ad5172398dc2bb0ff1dd24a

    • SHA512

      ebe96e76b1460a26947ea0a40f8554d17853ca4896315f44b2ac6e2b59af77b6135c17a096d82bd530ea49a0ea83544de69f31340e27cf94c7b3cc38626aebe0

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/TNTb/x86_64

    • Size

      41KB

    • MD5

      bdb404a243e374cda8948a5480f263e6

    • SHA1

      98bea07044c2a756f5179b8bc776971f9a03b7db

    • SHA256

      33c8591edd61c6e968e727683a63fba0352b5b6b59a0b3005628c38848dd7dd3

    • SHA512

      6d6ce4f156e3250965bf9b445be968967f8c5a596448ad1b8d41a189d28e9d4aa8fe8a32d8a0ad5956c020629b7401c705117832f48058bac071c7bb37e1ab62

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/libpcap.so

    • Size

      303KB

    • MD5

      2f6d7b419577e0fde4e1d31b0e82523f

    • SHA1

      ceabd06f405e7a56e0b85969e72a2a620cf49ef7

    • SHA256

      78facfc012957637c52763a17b94fd21f1e85f5dfaf26e459c1e4a9041e6f0e0

    • SHA512

      7120e6873a12e6edafca92ad85e0519a7bb04c021fb66dc2d466452d82451bc08faa4db1f7f8df1bc785aeba20f7d1eb36760a5b9510e2541a334f5a34f261a1

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/my.xmr.sh

    • Size

      1KB

    • MD5

      ec5e39b2e10d2a76df21ab3d9143de42

    • SHA1

      75735eee72da072763a716e1457f8e17ebf10868

    • SHA256

      0085bf33d4e4e051a15a1bd70636055d709aeef79025080afc7a8148ece55339

    • SHA512

      b04067e6532c1dbb3b06c8682ff76295d535f71f6e01050489f5e5c6065787a77cafb819ffb203adb8aac73c046ed6459236b5b8ea50dacab6a558c03bb6ada3

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/init.bat

    • Size

      14KB

    • MD5

      9364c5f0a2594db56f9254cd99f9e9b0

    • SHA1

      f815667e9cbd9206e812c7b664e34b72255e0e01

    • SHA256

      7bb1bd97dc93f0acf22eff6a5cbd9be685d18c8dbc982a24219928159c916c69

    • SHA512

      1edbb65b9bd39357eff9bd7416f1212ed4b05e0616edf9451969a401db0fad926f060a3b99263f38625c338a0d4257114587edd8d4a6a8abfa5d97a9156b0b89

    • Score

      10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner Payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Stops running service(s)

    • Drops startup file

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/init2.bat

    • Size

      14KB

    • MD5

      abcfb2660a661a8c0bc4db1417361dd7

    • SHA1

      6ad3b3d768526e3e43ad01dbb40d24e235dead2d

    • SHA256

      451a4cbb6b931d8bb8392f08e7c9ec517b1b1ef06f42e1c8105e4feaafd6b157

    • SHA512

      b05c19c865a2f2dcc8b8299e53bc60a408e57b57405238d6972e8aa44af5d4625d4276af125d86de04a3865aab2f727f855ea4b3827eb838b28775e794913271

    • Score

      10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner Payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Stops running service(s)

    • Target

      nssm.exe

    • Size

      360KB

    • MD5

      1136efb1a46d1f2d508162387f30dc4d

    • SHA1

      f280858dcfefabc1a9a006a57f6b266a5d1fde8e

    • SHA256

      eee9c44c29c2be011f1f1e43bb8c3fca888cb81053022ec5a0060035de16d848

    • SHA512

      43b31f600196eaf05e1a40d7a6e14d4c48fc6e55aca32c641086f31d6272d4afb294a1d214e071d5a8cce683a4a88b66a6914d969b40cec55ad88fde4077d3f5

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/nssm/nssm.exe

    • Size

      360KB

    • MD5

      1136efb1a46d1f2d508162387f30dc4d

    • SHA1

      f280858dcfefabc1a9a006a57f6b266a5d1fde8e

    • SHA256

      eee9c44c29c2be011f1f1e43bb8c3fca888cb81053022ec5a0060035de16d848

    • SHA512

      43b31f600196eaf05e1a40d7a6e14d4c48fc6e55aca32c641086f31d6272d4afb294a1d214e071d5a8cce683a4a88b66a6914d969b40cec55ad88fde4077d3f5

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/rig_win64/xmrig-6.13.1/WinRing0x64.sys

    • Size

      14KB

    • MD5

      0c0195c48b6b8582fa6f6373032118da

    • SHA1

      d25340ae8e92a6d29f599fef426a2bc1b5217299

    • SHA256

      11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5

    • SHA512

      ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/rig_win64/xmrig-6.13.1/start.cmd

    • Size

      29B

    • MD5

      6eb783bc229f92d0f8285500928ac8a1

    • SHA1

      c2740b6e8a535176e3df92c0417ef1a4d5e1bc46

    • SHA256

      9554e811347798d784bbe0ed5fa212e95dc8783a34cbc298454805f0988cb577

    • SHA512

      f9019e39e93f627873a9def844f4f8bce8cc49f0b757181bd2c06b30d24b75332ffc921d073f2c2481794a5cf0d507564e265e5e40585e090105b882873b1575

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/rig_win64/xmrig-6.13.1/xmrig.exe

    • Size

      4.5MB

    • MD5

      0b85eae86038116041ecc8d24ba2fadb

    • SHA1

      bcfeff8a7b42e8836b7dea9f6d594e14f6b25cec

    • SHA256

      cd0dcc3d3aab1dc613cd5b1ea4d3a066ab20768c60babb1a4e79df9da9144218

    • SHA512

      ef0b17ae8d533c209491358f09826ea7b0cb5e5d7a435b80f574916624070036d5fcf30eb35c0d5c33b49c134f471734efdaef5154de51b1ce600b4fe51b9744

    • Score

      1/10

    • Target

      xmrig-6.13.1/WinRing0x64.sys

    • Size

      14KB

    • MD5

      0c0195c48b6b8582fa6f6373032118da

    • SHA1

      d25340ae8e92a6d29f599fef426a2bc1b5217299

    • SHA256

      11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5

    • SHA512

      ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/xmrig/WinRing0x64.sys

    • Size

      14KB

    • MD5

      0c0195c48b6b8582fa6f6373032118da

    • SHA1

      d25340ae8e92a6d29f599fef426a2bc1b5217299

    • SHA256

      11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5

    • SHA512

      ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/win/xmrig/xmrig.exe

    • Size

      6.9MB

    • MD5

      90ba713a657fe704ca05fbcfd967c245

    • SHA1

      020c59739d08b12008554ec48af07ec35d12f178

    • SHA256

      5ba3e2db02b76821bae00056323810032c0ebc1c54b1c93f383e31b3526ee847

    • SHA512

      98c88ffc0909f2bf76c78b46826e2a786f7fe3872f824c7c9e7959987cd5d7b46328b01b526f4431aa047685d5c88fa5172d819d58eed4a457b70e0de023c8d3

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/x86_64

    • Size

      101KB

    • MD5

      479b6bc7dfc3b65370c9668e5da6bf0d

    • SHA1

      3b0231ea896db354bd48181054a8f182ce98ed7e

    • SHA256

      a46c870d1667a3ee31d2ba8969c9024bdb521ae8aad2079b672ce8416d85e8df

    • SHA512

      e9b1bec197cd84f8d5d244177c663cc4f5caf3d1a7580c87f32b51ccc01466dec328199f8e71e9d47bc1ca397fa2286773020aed1355930c809eb708cb2f5579

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/xmr/x86_64

    • Size

      5.4MB

    • MD5

      53505356c3f1fbf3254deec5bc0408f9

    • SHA1

      a3b74e6b547a85175ab4faa93ee42d6af6933c93

    • SHA256

      9315e055f4570b7a392447300dcc2ec06f09b57858c131a35e012bd0bb2356cd

    • SHA512

      8f0cedd75f2e8f444f57d834cd9da45bec00e960075213d30ac60e3ebac2885c8df50420325adb537cb2c15fdada28264503400b6156c102e9891031e1804736

    • Score

      1/10

    • Target

      SugarLogic_#teamtnt_by_@r3dbU7z/xmrig

    • Size

      7.5MB

    • MD5

      1cb70176bce5e95e94113b00501a2a2d

    • SHA1

      db8d8b1d6c6f241480cb5a886f73c0fbf3f6e1a8

    • SHA256

      b158fc11e1d4aeaf9d3111a285cd353eaff6627e328737a5a242d7ec219f4121

    • SHA512

      310b6c938cb9ba40f9bd513bbc4a59c9e2fd2a089a1125388d8ddadcfd804d3daf4102c53a4fa35d3ff1b30ddbd2ccfb56f5fb399839a87729907c08aed40c04

    • Score

      1/10

Tasks

static1

Tags: miner, kaiten, xmrig
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Tags: evasion
Score
8/10

behavioral12

Tags: xmrig, evasion, miner
Score
10/10

behavioral13

Tags: evasion
Score
8/10

behavioral14

Tags: xmrig, evasion, miner
Score
10/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10