General

  • Target

    0843d235ff9f431e4f613fa4dd5c5b4943a0250c31ec5316537e5a420fed85e2

  • Size

    1.6MB

  • Sample

    220516-pwgzksbgg5

  • MD5

    5a0b529e35dcab9d5c5058c43bd498d5

  • SHA1

    577f8b0a918e72dcb6f1b0c5d2140d1ea69dec7d

  • SHA256

    0843d235ff9f431e4f613fa4dd5c5b4943a0250c31ec5316537e5a420fed85e2

  • SHA512

    14ad8676e1f0ed4174d2c3dbd8fa0b7bf77dda490aab1da11c5b7ab84c4ae8d936f9883d0e9794b75ba61b62398db290914d8653b455e5f2bd383fb4eb9d1126

Score
10/10

Malware Config

Targets

    • Target

      0843d235ff9f431e4f613fa4dd5c5b4943a0250c31ec5316537e5a420fed85e2

    • Size

      1.6MB

    • MD5

      5a0b529e35dcab9d5c5058c43bd498d5

    • SHA1

      577f8b0a918e72dcb6f1b0c5d2140d1ea69dec7d

    • SHA256

      0843d235ff9f431e4f613fa4dd5c5b4943a0250c31ec5316537e5a420fed85e2

    • SHA512

      14ad8676e1f0ed4174d2c3dbd8fa0b7bf77dda490aab1da11c5b7ab84c4ae8d936f9883d0e9794b75ba61b62398db290914d8653b455e5f2bd383fb4eb9d1126

    Score
    10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control

    Web Service (T1102): 1

Tasks