General

  • Target

    05837e4583dc73694d38c1761d8a2b210ce87e4f1ab770afbf2a8825d6382352

  • Size

    2.2MB

  • Sample

    220516-pw3w2sbha6

  • MD5

    075572f66916c82a511c04d60f9a3af4

  • SHA1

    cd33e28b7f438e902c13fe62f850bd68bab23fb2

  • SHA256

    05837e4583dc73694d38c1761d8a2b210ce87e4f1ab770afbf2a8825d6382352

  • SHA512

    084cdc025f39c7f7bb01b83ee6c873036ae9d8e69b8117a8997ed24f99d082b266f821b65b8ea17bb4203e3c9739d7b29c4125bdc39bfb95e017841eb2832c9f

Score
10/10

Malware Config

Targets

    • Target

      05837e4583dc73694d38c1761d8a2b210ce87e4f1ab770afbf2a8825d6382352

    • Size

      2.2MB


    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU cryptocurrency miner.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX build.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control

    Web Service (T1102): 1 signature

Tasks