Overview

overview

10

Static

static

17adbb68c3...b4.exe

windows7_x64

10

17adbb68c3...b4.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17adbb68c3410d3f1c4c19b1808149e74148839f1c082c3011bff86ddb71acb4

  • Size

    8.6MB

  • Sample

    220124-gl2l8sdbgm

  • MD5

    2cd63d9157af4579004ff2c34a36bdc3

  • SHA1

    7b8e9a522400c9672ee2244a6993407f945584d6

  • SHA256

    17adbb68c3410d3f1c4c19b1808149e74148839f1c082c3011bff86ddb71acb4

  • SHA512

    ef6c6f2cddb449519488aa775336f5ec4384cd3b95df371450d11435cad383d570bdba6e9ae60d637c68cb810343a8b1af325bbb67012092a08478d03d76eb26

Score
10/10
strongpityxmrigminerspywarestealer

Malware Config

Targets

    • Target

      17adbb68c3410d3f1c4c19b1808149e74148839f1c082c3011bff86ddb71acb4

    • Size

      8.6MB

    • MD5

      2cd63d9157af4579004ff2c34a36bdc3

    • SHA1

      7b8e9a522400c9672ee2244a6993407f945584d6

    • SHA256

      17adbb68c3410d3f1c4c19b1808149e74148839f1c082c3011bff86ddb71acb4

    • SHA512

      ef6c6f2cddb449519488aa775336f5ec4384cd3b95df371450d11435cad383d570bdba6e9ae60d637c68cb810343a8b1af325bbb67012092a08478d03d76eb26

    Score
    10/10
    strongpityxmrigminerspywarestealer

    • StrongPity

      StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.

      stealerspywarestrongpity

    • StrongPity Spyware

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks