General
-
Target
m2.dat
-
Size
3.4MB
-
Sample
211201-wq4dyshgg7
-
MD5
fcfc0feed527d188d6b2ed3445758511
-
SHA1
b4198d332b59b303e2dc5df717f2cf408b308f28
-
SHA256
28e5812c8bff42c348a5f25a5f3d871c5b3bbda882da1009db4d25dc974bef0c
-
SHA512
af053c75e89e18573161dcd1fcabc3b08998874c5e810bc15bb2a0e5ab0254d06b4ec6defc545fc9dff4fcb94529eb9ea7610ad63233e5d6e191b232c502d3c5
Static task
static1
Behavioral task
behavioral1
Sample
m2.dat.exe
Resource
win7-en-20211014
Malware Config
Extracted
http://k2ygoods.ydns.eu/power.txt
Targets
-
Target
m2.dat
-
XMRig Miner Payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Stops running service(s)
-
Loads dropped DLL
-