Overview

overview

10

Static

static

10

90dbb8defe...e3.exe

windows7_x64

10

90dbb8defe...e3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90dbb8defe3b1fc7b60bd335c4bf38600826f04f57166017df29631ef27058e3

  • Size

    2.3MB

  • Sample

    220516-n1r5nschdk

  • MD5

    0daa83edbb0cbf5ebefe1d8c09bfebc1

  • SHA1

    2f6201426d5920837a4ae572dfb514d06e5dc340

  • SHA256

    90dbb8defe3b1fc7b60bd335c4bf38600826f04f57166017df29631ef27058e3

  • SHA512

    f4fcf142221e068cdb9480cf17db5eedef217215b26a31a16edd0c9db9502e28cf16f650da16040ac27b457f2d460c35e3b0c9e552c7a922ac06ef2f7f9ffbac

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      90dbb8defe3b1fc7b60bd335c4bf38600826f04f57166017df29631ef27058e3

    • Size

      2.3MB

    • MD5

      0daa83edbb0cbf5ebefe1d8c09bfebc1

    • SHA1

      2f6201426d5920837a4ae572dfb514d06e5dc340

    • SHA256

      90dbb8defe3b1fc7b60bd335c4bf38600826f04f57166017df29631ef27058e3

    • SHA512

      f4fcf142221e068cdb9480cf17db5eedef217215b26a31a16edd0c9db9502e28cf16f650da16040ac27b457f2d460c35e3b0c9e552c7a922ac06ef2f7f9ffbac

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks