General
Target
1afe5910f896d63391e1ed774700fe71557255a548d14a3e3c4f2d902eff1f7f
Size
10.0MB
Sample
220520-g6vdnaghcp
MD5
8ad9b14ff4e87327688b2ce3e0693367
SHA1
6c18d0f48236c9dd9e5dde6eda8dfba9f1d20c2b
SHA256
1afe5910f896d63391e1ed774700fe71557255a548d14a3e3c4f2d902eff1f7f
SHA512
b0112c8a30a51d1ae912195a83cd2e6e3357196cf1d413b28f574ab22b74a5ae2de89354d28cf6f2ad19345e5a4f2d00ea6bf5f665204e6ba70f6328607ab3f1
Static task: static1
Behavioral task: behavioral1 (Sample: AWC.dll, Resource: win7-20220414-en)
Behavioral task: behavioral2 (Sample: AWC.dll, Resource: win10v2004-20220414-en)
Behavioral task: behavioral3 (Sample: Injector.exe, Resource: win7-20220414-en)
Behavioral task: behavioral4 (Sample: Injector.exe, Resource: win10v2004-20220414-en)
Malware Config
Targets
Target
AWC.dll
Size
2.8MB
MD5
e44955de07b7852360962ab04b9cf256
SHA1
c9d97f414c9ce0db34a84d6b84b331397de853ff
SHA256
287b654b6c588d3d2595307f0e5f48897742c798f1ce232f40e774e8f2242181
SHA512
ebdfb07ed7bdaf38fe21448ed1ca9b8e2fd7bc1de3879842926f45fb582bb2dd4c92454665930baade1d075918978ed36233d13e84898ecb1050c5405ecd4446
Score 3/10
Target
Injector.exe
Size
9.4MB
MD5
c014edde246b35f3a7379cb4c5e1185e
SHA1
584ae3a33acdd163750007847543826a15d95df9
SHA256
c32ff3c02f5ec47707631568f2f5435e3391820a7c238925a782e6e74656134e
SHA512
522c4fa3645c30ed1e863b52cbf1f089a0c41075e52b5323c7079ab3ef80b850893d5be49f5c7a047f284c901ba56801a5d626e2a3d4e4c99f18d36e72f7e4be
Score 10/10
XMRig Miner Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext