General
-
Target
SecuriteInfo.com.Trojan.Siggen15.31967.13332.4090
-
Size
21.8MB
-
Sample
211210-nfzzsagcb8
-
MD5
3b8f84394473e3f20ccba33d1b9c6191
-
SHA1
85e29453fc67e4e278b350b6b79d525cc3e26b0c
-
SHA256
757ffe1da50601133ff5de5fa7f77c3bef8de506e520c931799456afbc1aa78a
-
SHA512
33d3a00c0ca75977104e1698511f3ee10b1eb4aeffeca88ffc464dbf8ef03381ae70bf89688745a92e5439e638c3b6471745ec7aa5537528b1ed220adb433fd0
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.Siggen15.31967.13332.4090
-
Size
21.8MB
-
MD5
3b8f84394473e3f20ccba33d1b9c6191
-
SHA1
85e29453fc67e4e278b350b6b79d525cc3e26b0c
-
SHA256
757ffe1da50601133ff5de5fa7f77c3bef8de506e520c931799456afbc1aa78a
-
SHA512
33d3a00c0ca75977104e1698511f3ee10b1eb4aeffeca88ffc464dbf8ef03381ae70bf89688745a92e5439e638c3b6471745ec7aa5537528b1ed220adb433fd0
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner Payload
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-