General
-
Target
0a7e84e07d7dffea2925e5a508c2a419ffd2a44f110e0645972e4d077d8822b4
-
Size
397KB
-
Sample
220518-pq3zvscdgj
-
MD5
45626e0ba033517e92404779ed548fb1
-
SHA1
72722ee51dc3cb8be87f35203b0bd41a380c9a52
-
SHA256
0a7e84e07d7dffea2925e5a508c2a419ffd2a44f110e0645972e4d077d8822b4
-
SHA512
9227d419b99cc75921d0a8fc12851954905e49d3ad83d399813ba5d18e5c3171e62c076cd4d8dd9a58e0881bc77b90db0ace80dd932a8048eb037154039f3f15
Static task
static1
Behavioral task
behavioral1
Sample
0a7e84e07d7dffea2925e5a508c2a419ffd2a44f110e0645972e4d077d8822b4.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
0a7e84e07d7dffea2925e5a508c2a419ffd2a44f110e0645972e4d077d8822b4
Score
10/10
-
XMRig Miner Payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Modifies WinLogon
-
Modifies powershell logging option
-