1afe5910f896d63391e1ed774700fe71557255a548d14a3e3c4f2d902eff1f7f

General
Target

1afe5910f896d63391e1ed774700fe71557255a548d14a3e3c4f2d902eff1f7f

Size

10MB

Sample

220520-g6vdnaghcp

Score
10 /10
MD5

8ad9b14ff4e87327688b2ce3e0693367

SHA1

6c18d0f48236c9dd9e5dde6eda8dfba9f1d20c2b

SHA256

1afe5910f896d63391e1ed774700fe71557255a548d14a3e3c4f2d902eff1f7f

SHA512

b0112c8a30a51d1ae912195a83cd2e6e3357196cf1d413b28f574ab22b74a5ae2de89354d28cf6f2ad19345e5a4f2d00ea6bf5f665204e6ba70f6328607ab3f1

Malware Config
Targets
Target

AWC.dll

MD5

e44955de07b7852360962ab04b9cf256

Filesize

2MB

Score
3/10
SHA1

c9d97f414c9ce0db34a84d6b84b331397de853ff

SHA256

287b654b6c588d3d2595307f0e5f48897742c798f1ce232f40e774e8f2242181

SHA512

ebdfb07ed7bdaf38fe21448ed1ca9b8e2fd7bc1de3879842926f45fb582bb2dd4c92454665930baade1d075918978ed36233d13e84898ecb1050c5405ecd4446

Related Tasks

Target

Injector.exe

MD5

c014edde246b35f3a7379cb4c5e1185e

Filesize

9MB

Score
10/10
SHA1

584ae3a33acdd163750007847543826a15d95df9

SHA256

c32ff3c02f5ec47707631568f2f5435e3391820a7c238925a782e6e74656134e

SHA512

522c4fa3645c30ed1e863b52cbf1f089a0c41075e52b5323c7079ab3ef80b850893d5be49f5c7a047f284c901ba56801a5d626e2a3d4e4c99f18d36e72f7e4be

Tags

Signatures

  • xmrig

    Description

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    Tags

  • XMRig Miner Payload

    Tags

  • Executes dropped EXE

  • UPX packed file

    Description

    Detects executables packed with UPX/modified UPX open source packer.

    Tags

  • Checks computer location settings

    Description

    Looks up country code configured in the registry, likely geofence.

    TTPs

    Query RegistrySystem Information Discovery
  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup FolderModify Registry
  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    1/10

                    behavioral2

                    3/10

                    behavioral3

                    10/10

                    behavioral4

                    10/10