General
-
Target
f880f3e5cae429ccb498e919c45beb3a016bb3c7ec60209e1e64ba1cc193ad87
-
Size
17.8MB
-
Sample
220516-q5wd1adab6
-
MD5
096b08cfe674c716bd8834c1f7fd91e5
-
SHA1
1fbd8d88ec2036b6402d23e6159811c07ecfb8bb
-
SHA256
f880f3e5cae429ccb498e919c45beb3a016bb3c7ec60209e1e64ba1cc193ad87
-
SHA512
bf5336c06d578b80409ffec3b58dd6c7794c247eb6b62030e9b0de7a3091b9b973de9067aa27ce415e6fff80b89be05dfbc63d10b0bd676afe1e99a66a82d51b
Behavioral task
behavioral1
Sample
f880f3e5cae429ccb498e919c45beb3a016bb3c7ec60209e1e64ba1cc193ad87.exe
Resource
win7-20220414-en
Malware Config
Targets
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Drops file in System32 directory
-