General

  • Target

    f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4

  • Size

    8.0MB

  • Sample

    220124-c8b8msaeh3

  • MD5

    286175827543c48d2db0042944dbecc4

  • SHA1

    46720f8f3bd61d1e9a6deb4b9968f8976567fd70

  • SHA256

    f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4

  • SHA512

    98c078e3f398cf0580b807d0b92d23362bb810271fbdaea5861b79932e75a73cccea4e65389743a81c6aad9f95dada7f8a34b3f25a8c54cbf1aacc35254e8b3e

Malware Config

Targets

    • StrongPity

      StrongPity is spyware developed by the PROMETHIUM APT group, mainly used in government-sponsored attacks.

    • StrongPity Spyware

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks