General

  • Target

    11048c3d5f685d3cceb4e4985f4b10d564cae0a614699e076d0b540e06c8d6de

  • Size

    2.5MB

  • Sample

    220516-ptj16aecdl

  • MD5

    abd3ed649cb7c4e0e7bcea42e79c9c6c

  • SHA1

    caf4fef83093466c00c7519210fd66a058e08973

  • SHA256

    11048c3d5f685d3cceb4e4985f4b10d564cae0a614699e076d0b540e06c8d6de

  • SHA512

    5784e9e83cc050dd6d0135bc4d4ba5f1624d07168402dbad26305cc36f797b1c3b0cd3d8a8f93b8a712621143ad9b137e6067de84d7c701eebf42bb6bf3fa0d8

Score
10/10

Malware Config

Targets

    (Target, size and hash fields are the same as in the General section above.)
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control

    Web Service (T1102): 1 signature

Tasks