Overview

overview

10

Static

static

ea4b507c32...72.exe

windows7_x64

10

ea4b507c32...72.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea4b507c3236b56ef4ea44f5ac9a531a175d643d184e356ae8833d36c1957372

  • Size

    8.3MB

  • Sample

    220124-dflr2sagel

  • MD5

    7b558126b8e488be2b33aeed7a330730

  • SHA1

    1d3819d1c8cba8a6ff5e83124291573145b46e4c

  • SHA256

    ea4b507c3236b56ef4ea44f5ac9a531a175d643d184e356ae8833d36c1957372

  • SHA512

    0274f537ec45054200285271e09b3ba9a4cfa5eaa2e610388d5cb9154ea7bb481b6daa5245b5eddc40b21ed4b4278b5e3d8170a53438a87c7bf1df43bfcc0962

Score
10/10
strongpityxmrigminerspywarestealer

Malware Config

Targets

    • Target

      ea4b507c3236b56ef4ea44f5ac9a531a175d643d184e356ae8833d36c1957372

    • Size

      8.3MB

    • MD5

      7b558126b8e488be2b33aeed7a330730

    • SHA1

      1d3819d1c8cba8a6ff5e83124291573145b46e4c

    • SHA256

      ea4b507c3236b56ef4ea44f5ac9a531a175d643d184e356ae8833d36c1957372

    • SHA512

      0274f537ec45054200285271e09b3ba9a4cfa5eaa2e610388d5cb9154ea7bb481b6daa5245b5eddc40b21ed4b4278b5e3d8170a53438a87c7bf1df43bfcc0962

    Score
    10/10
    strongpityxmrigminerspywarestealer

    • StrongPity

      StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.

      stealerspywarestrongpity

    • StrongPity Spyware

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks