aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
General
Target
Size
Sample
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
6MB
211231-llh74sggd8
Score
10 /10
MD5
SHA1
SHA256
SHA512
120e6c560c8582338b97bc1112703588
4017ad3a595577f006273315a927764d6bf53941
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
92c7f20c9b9b4ab36a5bd189aa7dcf76d38b5c13b40be2c65b5fa7f865a0c7bfd196cc8f7437f0c7a36e135c74f42381e2572a9d4804e7b6cec1541fdc05929d
Malware Config
Targets
Target
MD5
Filesize
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
120e6c560c8582338b97bc1112703588
6MB
Score
10/10
SHA1
SHA256
SHA512
4017ad3a595577f006273315a927764d6bf53941
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
92c7f20c9b9b4ab36a5bd189aa7dcf76d38b5c13b40be2c65b5fa7f865a0c7bfd196cc8f7437f0c7a36e135c74f42381e2572a9d4804e7b6cec1541fdc05929d
Tags
Signatures
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Description
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
Tags
-
xmrig
Description
XMRig is a high performance, open source, cross platform CPU/GPU miner.
Tags
-
Detected Stratum cryptominer command
Description
Looks to be attempting to contact Stratum mining pool.
Tags
-
XMRig Miner Payload
Tags
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Description
Infostealers often target stored browser data, which can include saved credentials etc.
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks