Overview

overview

10

Static

static

10

8dabd74812...e6.exe

windows7_x64

10

8dabd74812...e6.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8dabd74812f6a97e37d3faf781c0343f20bd2647f9622af5bfafad8ac69e01e6

  • Size

    1.9MB

  • Sample

    220516-n2c25schfm

  • MD5

    0568ef38b4af1ef6ba86cbf4de84e780

  • SHA1

    f3a9c2a27dfc6a4e44129380f91f6fe52111bd17

  • SHA256

    8dabd74812f6a97e37d3faf781c0343f20bd2647f9622af5bfafad8ac69e01e6

  • SHA512

    111feaea58efbab89ae029389b04e32eff0aeb151276cebf28647c5b8033fa52385c1f85e4ad0ff9337a9233c80afe8fcbeec29f08d51cf9d3835c960219ba24

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      8dabd74812f6a97e37d3faf781c0343f20bd2647f9622af5bfafad8ac69e01e6

    • Size

      1.9MB

    • MD5

      0568ef38b4af1ef6ba86cbf4de84e780

    • SHA1

      f3a9c2a27dfc6a4e44129380f91f6fe52111bd17

    • SHA256

      8dabd74812f6a97e37d3faf781c0343f20bd2647f9622af5bfafad8ac69e01e6

    • SHA512

      111feaea58efbab89ae029389b04e32eff0aeb151276cebf28647c5b8033fa52385c1f85e4ad0ff9337a9233c80afe8fcbeec29f08d51cf9d3835c960219ba24

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks