General
-
Target
71f53d9f51c308218ce477988f33c8ce23fc766a60bb803baa8062ec3911a46d
-
Size
6.6MB
-
Sample
220516-qn8b8sfcfk
-
MD5
9227df15a138dd7f048f001db44c6ab4
-
SHA1
8f3a07f9afcb8d8d1beb0134470980b8c464c8fe
-
SHA256
71f53d9f51c308218ce477988f33c8ce23fc766a60bb803baa8062ec3911a46d
-
SHA512
abf151151b4ae26a35eafeb9d2986f99ddb1cdf91ce8d2100fcc7f0120ac027885a12fe152d0b44a213273bec91d40eaa76195bba00c3862c9552dda38994044
Static task
static1
Behavioral task
behavioral1
Sample
71f53d9f51c308218ce477988f33c8ce23fc766a60bb803baa8062ec3911a46d.exe
Resource
win10-20220414-en
Malware Config
Targets
Score
10/10
-
XMRig Miner Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-