General
-
Target
948bbee49d5b9e0b2e029a1d6d65ae8415110ea7843d4636e33c77db6e3f3b72
-
Size
16.3MB
-
Sample
220516-q6j3csffam
-
MD5
ec7df9561959f065e8b9bc60ba551c47
-
SHA1
ecbfe7015236d2c38eca9b1953cd7e7be0df44c3
-
SHA256
948bbee49d5b9e0b2e029a1d6d65ae8415110ea7843d4636e33c77db6e3f3b72
-
SHA512
e61760f704f31107d107188215de93b226e272784573ba9d6f412307edd02471a3a2565cd8f9d04e0200c53c59b0fe42c64214dc8a988ae370fc511336b365a8
Behavioral task
behavioral1
Sample
948bbee49d5b9e0b2e029a1d6d65ae8415110ea7843d4636e33c77db6e3f3b72.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
948bbee49d5b9e0b2e029a1d6d65ae8415110ea7843d4636e33c77db6e3f3b72.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
948bbee49d5b9e0b2e029a1d6d65ae8415110ea7843d4636e33c77db6e3f3b72
-
Score
10/10
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops file in System32 directory
-