Signatures
- Detect Neshta Payload
- Modifies system executable filetype association
- Neshta
  Description: Malware from the Neshta family infects other files in order to spread and cause damage.
- xmrig
  Description: XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
- Detected Stratum cryptominer command
  Description: Appears to be attempting to contact a Stratum mining pool.
- XMRig Miner Payload
- Executes dropped EXE
- Reads user/profile data of web browsers
  Description: Infostealers often target stored browser data, which can include saved credentials, etc.