General

  • Target

    116bb414bb823ef0f2ec76c978d2454a1203dc8c9a93a88abefcd058cf041007

  • Size

    1.8MB

  • Sample

    220516-ptfzhaeccr

  • MD5

    04e2284a2fba8b27e7e5e65d4e95203f

  • SHA1

    248a9a655a4a273a8f937f185b16e59a01d5d12d

  • SHA256

    116bb414bb823ef0f2ec76c978d2454a1203dc8c9a93a88abefcd058cf041007

  • SHA512

    367ab5ddcd62381e49b5a0558c1dd65c4cb81017f5e7150ca15bec5bca646aa2e23d207ac710e6bc03df89f367ee3e9caea6f50c825feceb9775dd44aa4fb036

Score
10/10

Malware Config

Targets

    • Target

      116bb414bb823ef0f2ec76c978d2454a1203dc8c9a93a88abefcd058cf041007

    • Size

      1.8MB

    • MD5

      04e2284a2fba8b27e7e5e65d4e95203f

    • SHA1

      248a9a655a4a273a8f937f185b16e59a01d5d12d

    • SHA256

      116bb414bb823ef0f2ec76c978d2454a1203dc8c9a93a88abefcd058cf041007

    • SHA512

      367ab5ddcd62381e49b5a0558c1dd65c4cb81017f5e7150ca15bec5bca646aa2e23d207ac710e6bc03df89f367ee3e9caea6f50c825feceb9775dd44aa4fb036

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Tactic: Command and Control

    Technique: Web Service (T1102)

    Matches: 1

Tasks