Extracted

Extracted

Extracted

• • Target

    software.exe

  • Size

    3.2MB

  • MD5

    9bb9bef710583acc0b74b42e9c244209

  • SHA1

    ac0cb5474c2bd21263c3758aaff6420f7380f5b6

  • SHA256

    15fea1662d7a85e4d95fd89e36b4f02dd6657045ea9f20301130a321994504c6

  • SHA512

    aa630dec6a967b9bbbad8425ac8afee443f7e37dbf21fe761fd3a4a27f3b78efdd92b13fd14a3e8931045d803ec52f7b1276f6534bf6b07e8ab1a4e74340ae17

  Score

  10^/10

  xmrigevasionminerransomwarespywarestealer

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig

  • Drops file in Drivers directory

  • Modifies Windows Firewall

    evasion

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  • Drops autorun.inf file

    Malware can abuse Windows Autorun to spread further via attached volumes.

  • Drops file in System32 directory

  behavioral1behavioral2