General
-
Target
96232834d8461762244339e7d091df62d4c4d8e7d292f9be44586923e06b422a
-
Size
235KB
-
Sample
211210-wqwzwahdb8
-
MD5
d30d640dcb97296b95d1072657f01f62
-
SHA1
72c89c2960623c1a610f8c80b2c6a594aa508f70
-
SHA256
96232834d8461762244339e7d091df62d4c4d8e7d292f9be44586923e06b422a
-
SHA512
9658901fea3d10ed197046e469d84147c7362443ea812d46e156a21a2528fbcbf643499a80b5cb6aa4ab3873009f459996db181b3880556f5521dfceb02fbe78
Static task
static1
Malware Config
Extracted
tofsee
mubrikych.top
oxxyfix.xyz
Targets
-
Target
96232834d8461762244339e7d091df62d4c4d8e7d292f9be44586923e06b422a
-
XMRig Miner Payload
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-