General

  • Target

    04639f2e29d61e13498e555456946839411dd6381132c87e16f5a3efc07ed4a0

  • Size

    2.2MB

  • Sample

    220516-pw91csbhb4

  • MD5

    006203dcba49453213ec57ed1e7d14a6

  • SHA1

    5f6d4d1f1728e83a1aab98a4d3dde30f7ad42980

  • SHA256

    04639f2e29d61e13498e555456946839411dd6381132c87e16f5a3efc07ed4a0

  • SHA512

    cea85df65faa83d1d654d8f1dce835525dc6c9edd58d31fa77dacae25e6922d6e83a802d78fdd5a598d5861d9bcfd679c56f092b4660f9858606c31709f07846

Score
10/10

Malware Config

Targets

    • Target

      04639f2e29d61e13498e555456946839411dd6381132c87e16f5a3efc07ed4a0


    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified UPX build (UPX is an open-source packer).

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
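
The hashes listed under General are the report's file identifiers, and the "UPX packed file" signature above is a static check on the executable's layout. The following script, added here as an example and not part of the sandbox's or the report's own code, reproduces both on a local copy: it computes MD5/SHA1/SHA256/SHA512 and compares them with the values on this page, and it parses the PE section table looking for stock UPX section names and the "UPX!" info-block magic. The minimal PE builder is a constructed test input, not the sample; the function names are my own.

```python
import hashlib
import struct
import sys

# Hashes exactly as listed in the report's General section.
REPORT_HASHES = {
    "md5": "006203dcba49453213ec57ed1e7d14a6",
    "sha1": "5f6d4d1f1728e83a1aab98a4d3dde30f7ad42980",
    "sha256": "04639f2e29d61e13498e555456946839411dd6381132c87e16f5a3efc07ed4a0",
    "sha512": "cea85df65faa83d1d654d8f1dce835525dc6c9edd58d31fa77dacae25e6922d6"
              "e83a802d78fdd5a598d5861d9bcfd679c56f092b4660f9858606c31709f07846",
}

# Section names written by an unmodified UPX build.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def hash_bytes(data: bytes) -> dict:
    """Lower-case hex digests for the four algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def compare_with_report(data: bytes) -> dict:
    """Per-algorithm comparison; all four must agree for this to be the same file.
    A mismatch on any one algorithm means a different file or a transcription error."""
    computed = hash_bytes(data)
    return {algo: computed[algo] == REPORT_HASHES[algo] for algo in REPORT_HASHES}


def pe_section_names(data: bytes) -> list:
    """Walk the DOS and COFF headers to the section table and return its names.
    Returns [] for anything that is not a well-formed PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size          # 4-byte signature + 20-byte COFF header
    names = []
    for i in range(num_sections):
        off = table + 40 * i                      # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Static UPX heuristics in the spirit of the sandbox signature: stock section
    names plus the 'UPX!' magic UPX writes after the section table. Modified UPX
    builds often rename sections and patch the magic, so either hit is a hint, not proof."""
    names = pe_section_names(data)
    return {
        "upx_sections": [n.decode("ascii", "replace") for n in names if n in UPX_SECTION_NAMES],
        "upx_magic": b"UPX!" in data,
    }


def build_fake_pe(section_names, trailer: bytes = b"") -> bytes:
    """Constructed test input (not the sample): a minimal MZ/PE header with the given
    section names, an empty optional header and an optional byte trailer."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections + trailer


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read()
    print("hash match:", compare_with_report(blob))
    print("UPX indicators:", upx_indicators(blob))
```

Run it as `python check_sample.py <file>` on a copy obtained from the sandbox. Treat the hash comparison as the authoritative identity check and the UPX heuristics as corroboration only; a sample that is repacked or has its section names edited will still have the listed hashes change, but the UPX indicators can vanish without the packer being gone.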

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                 Technique      ID      Signatures
  Command and Control    Web Service    T1102   1

Tasks