General
-
Target
7b81661cd1382b65231f4d669ddf064ebff7852cf567f89b3bf10525c047415d
-
Size
20.3MB
-
Sample
220516-q6p9dadac8
-
MD5
8f8b7fa7e7bb2808e8dd27ef7548c28b
-
SHA1
424f2dc28e6d36a640171f1a93c1367741c3f05a
-
SHA256
7b81661cd1382b65231f4d669ddf064ebff7852cf567f89b3bf10525c047415d
-
SHA512
1377d82b445088a17b68a4b45e5012ee2e93d8744c2f29a337a68e4b3c872e042e95f52563e7c13d25f4990d07a23823f3c5e9ae6750865fd2960d228c0b0a63
Malware Config
Targets
-
-
Target
7b81661cd1382b65231f4d669ddf064ebff7852cf567f89b3bf10525c047415d
-
Size
20.3MB
-
MD5
8f8b7fa7e7bb2808e8dd27ef7548c28b
-
SHA1
424f2dc28e6d36a640171f1a93c1367741c3f05a
-
SHA256
7b81661cd1382b65231f4d669ddf064ebff7852cf567f89b3bf10525c047415d
-
SHA512
1377d82b445088a17b68a4b45e5012ee2e93d8744c2f29a337a68e4b3c872e042e95f52563e7c13d25f4990d07a23823f3c5e9ae6750865fd2960d228c0b0a63
Score10/10-
UAC bypass
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-