Overview

overview

10

Static

static

13cdd5d789...73.exe

windows7_x64

8

13cdd5d789...73.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13cdd5d789b46a4913b3414b6cf9928ebcdb725bf7664974c0d5851be1c37a73

  • Size

    506KB

  • Sample

    220516-q8gd9adcb8

  • MD5

    b153ea5996f9a64f1c1da4bb7298680e

  • SHA1

    cec8c0b3853836265a11d2cdb1cda41c4a0ac79c

  • SHA256

    13cdd5d789b46a4913b3414b6cf9928ebcdb725bf7664974c0d5851be1c37a73

  • SHA512

    1420231956da8ca362569f2fbcdc86d3e03741701b9a38a100392d427f3d4bf37a1077e32b252651feaa9dbf7b82c351431986527f7ca49560e36f5fac0d593b

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      13cdd5d789b46a4913b3414b6cf9928ebcdb725bf7664974c0d5851be1c37a73

    • Size

      506KB

    • MD5

      b153ea5996f9a64f1c1da4bb7298680e

    • SHA1

      cec8c0b3853836265a11d2cdb1cda41c4a0ac79c

    • SHA256

      13cdd5d789b46a4913b3414b6cf9928ebcdb725bf7664974c0d5851be1c37a73

    • SHA512

      1420231956da8ca362569f2fbcdc86d3e03741701b9a38a100392d427f3d4bf37a1077e32b252651feaa9dbf7b82c351431986527f7ca49560e36f5fac0d593b

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner Payload

      miner

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks