General
-
Target
d4f71f1933aba41e003d363321a199fb262d27a8c2a42ff3aaa61e28a38ab1be
-
Size
12.8MB
-
Sample
220516-q57r2adab8
-
MD5
e293f7a69f4b687ff718897087b594cb
-
SHA1
97bc9ce0fdb3609e8ea9c4d4ee50c5aa1d7f739e
-
SHA256
d4f71f1933aba41e003d363321a199fb262d27a8c2a42ff3aaa61e28a38ab1be
-
SHA512
71b54b2351739b63b8c5449ec2f7ee1848402d7fb0a7358e907667744fef1d455320cf7199e0447fa40bacccc2e6d593ae87dcb14fd8bf5d8448aa56dcd9030e
Behavioral task
behavioral1
Sample
d4f71f1933aba41e003d363321a199fb262d27a8c2a42ff3aaa61e28a38ab1be.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d4f71f1933aba41e003d363321a199fb262d27a8c2a42ff3aaa61e28a38ab1be.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Drops file in System32 directory
-