Overview

overview

10

Static

static

10

14d2c67ad2...ae.exe

windows7_x64

10

14d2c67ad2...ae.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14d2c67ad2af97debded843d743b8391535df572379253ded871dc2164e113ae

  • Size

    2.2MB

  • Sample

    220516-pshrpsebhp

  • MD5

    29210e70ec3bbbcbdccd3ffcf078c138

  • SHA1

    5206849f0a098d9c4247f6abe3f9097b21811c4c

  • SHA256

    14d2c67ad2af97debded843d743b8391535df572379253ded871dc2164e113ae

  • SHA512

    f867670a9a088d765be456367f961f827284a1f2f0e3e2e5c947e13e27b5dce5133633f067a1d16ab703f3075aedd6566ef48c31d1c6aad099cd83a8c4f82893

Score
10/10
xmrigminerupx

Malware Config

Targets

    • Target

      14d2c67ad2af97debded843d743b8391535df572379253ded871dc2164e113ae

    • Size

      2.2MB

    • MD5

      29210e70ec3bbbcbdccd3ffcf078c138

    • SHA1

      5206849f0a098d9c4247f6abe3f9097b21811c4c

    • SHA256

      14d2c67ad2af97debded843d743b8391535df572379253ded871dc2164e113ae

    • SHA512

      f867670a9a088d765be456367f961f827284a1f2f0e3e2e5c947e13e27b5dce5133633f067a1d16ab703f3075aedd6566ef48c31d1c6aad099cd83a8c4f82893

    Score
    10/10
    xmrigminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks