a36430851072c9ef0330d0fa58f5f777983f20a2b7415733e2a62f092429d67e

General

Target: a36430851072c9ef0330d0fa58f5f777983f20a2b7415733e2a62f092429d67e
Size: 2MB
Sample: 220520-2cyt7sfba9
Score: 10/10
MD5: 05e5b7a1ba45c36e63bb4bc1d39874c9
SHA1: db184def60fb765dd0c14db6d77661611011c097
SHA256: a36430851072c9ef0330d0fa58f5f777983f20a2b7415733e2a62f092429d67e
SHA512: 979ece9f909d9b7c299d688cd6aa9997f33c6bd5660f082e976df92797359709bf6c4b199d6429b31edcd8bf3d7d45696f3e534fac537ce1f441322d1fd15ade

Signatures

  • xmrig
    Description: XMRig is a high performance, open source, cross platform CPU/GPU miner.

  • XMRig Miner Payload

  • UPX packed file
    Description: Detects executables packed with UPX/modified UPX open source packer.

  • Checks BIOS information in registry
    Description: BIOS information is often read in order to detect sandboxing environments.
    TTPs: Query Registry, System Information Discovery

  • Adds Run key to start application
    TTPs: Registry Run Keys / Startup Folder, Modify Registry

  • Suspicious use of SetThreadContext

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10