General
Target: 003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
Size: 4.1MB
Sample: 220518-zzvd7agfhm
MD5: c1fd183c8ef30db8e2be4ab51e42501f
SHA1: 67a5ba161cafa7f0471f03968dd0f94cfb21aa1a
SHA256: 003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
SHA512: 8b3060ae4c8e8e7f376ed40ac9741206f9d82f3185571a4edd2be05de5240ae743356cd498a842f58f969286e80014ecae29423a618b520d97cedc5a01ddc2f0
Static task
static1
Malware Config
Targets
Target: 003bf16a4661cccc90dd7410ab077d356a3d434effe1047a6df1c133b1746b33
- Modifies security service
- XMRig Miner Payload
- Executes dropped EXE
- Possible privilege escalation attempt
- Stops running service(s)
- Modifies file permissions
- Drops file in System32 directory
- Suspicious use of SetThreadContext