StrongPity

StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.

StrongPity Spyware

suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016 (WinHTTPRequest)

suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016 (WinHTTPRequest)

xmrig

XMRig is a high performance, open source, cross platform CPU/GPU miner.

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Modifies Windows Firewall