strongpity | f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4 | Triage

Submit
Reports

Overview

overview

Static

static

f8c953a9b7...f4.exe

windows7_x64

f8c953a9b7...f4.exe

windows10_x64

Sharing

General

Target

f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4
Size

8.0MB
Sample

220124-c8b8msaeh3
MD5

286175827543c48d2db0042944dbecc4
SHA1

46720f8f3bd61d1e9a6deb4b9968f8976567fd70
SHA256

f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4
SHA512

98c078e3f398cf0580b807d0b92d23362bb810271fbdaea5861b79932e75a73cccea4e65389743a81c6aad9f95dada7f8a34b3f25a8c54cbf1aacc35254e8b3e

Score

10^/10

strongpity xmrig miner spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4.exe

Resource

win7-en-20211208

strongpity xmrig miner spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4.exe

Resource

win10-en-20211208

strongpity xmrig miner spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4
- Size
  
  8.0MB
- MD5
  
  286175827543c48d2db0042944dbecc4
- SHA1
  
  46720f8f3bd61d1e9a6deb4b9968f8976567fd70
- SHA256
  
  f8c953a9b737c5fe69ab9cfb5b20d576f15396a40de10ea6c3216042a97132f4
- SHA512
  
  98c078e3f398cf0580b807d0b92d23362bb810271fbdaea5861b79932e75a73cccea4e65389743a81c6aad9f95dada7f8a34b3f25a8c54cbf1aacc35254e8b3e
Score

10^/10

strongpity xmrig miner spyware stealer
- StrongPity
  StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.
  stealer spyware strongpity
- StrongPity Spyware
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strongpityxmrigminerspywarestealer

behavioral2

strongpityxmrigminerspywarestealer

© 2018-2024

Terms | Privacy