General
-
Target
6b7359e733d8e32a8844dccf6d9a910c87a0cc45dbdcd00e66aedf116b5d23a8
-
Size
24.8MB
-
Sample
220516-q6w2xsdah8
-
MD5
a69f2a147f7e89dd42380ffb84e30220
-
SHA1
1ffe6cd533ec527dbdbd85c057fa8acfbc92d432
-
SHA256
6b7359e733d8e32a8844dccf6d9a910c87a0cc45dbdcd00e66aedf116b5d23a8
-
SHA512
fc2685d5f28c8a19bab6b5a92c63f1e5115c4525710685aef80b780d5d377cac81cd0b0ef704a6a2c293e252dc9a82b155fb65a5518555fc7c230bc57114ba1b
Behavioral task
behavioral1
Sample
6b7359e733d8e32a8844dccf6d9a910c87a0cc45dbdcd00e66aedf116b5d23a8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
6b7359e733d8e32a8844dccf6d9a910c87a0cc45dbdcd00e66aedf116b5d23a8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
6b7359e733d8e32a8844dccf6d9a910c87a0cc45dbdcd00e66aedf116b5d23a8
-
XMRig Miner Payload
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Drops file in System32 directory