General
-
Target
d1238dcc889df13c51a8d02952c30ba4370ebe4a0b8ce173a83ca267d8f945d2
-
Size
12.1MB
-
Sample
220520-qnd4dsgfep
-
MD5
514099bb5934695dce6048da4376d690
-
SHA1
df84049a83a502ad0db2fb118c89d1878a615b4a
-
SHA256
d1238dcc889df13c51a8d02952c30ba4370ebe4a0b8ce173a83ca267d8f945d2
-
SHA512
ac050605d8ba41d0c5b1f9711ad4be5ba69b116f7a76e1bba27c96139242197bef592ea14eca034a4047a4d2b211a632b328774e0235576c9ecf4a849b34209b
Malware Config
Targets
-
-
Target
d1238dcc889df13c51a8d02952c30ba4370ebe4a0b8ce173a83ca267d8f945d2
-
Size
12.1MB
-
MD5
514099bb5934695dce6048da4376d690
-
SHA1
df84049a83a502ad0db2fb118c89d1878a615b4a
-
SHA256
d1238dcc889df13c51a8d02952c30ba4370ebe4a0b8ce173a83ca267d8f945d2
-
SHA512
ac050605d8ba41d0c5b1f9711ad4be5ba69b116f7a76e1bba27c96139242197bef592ea14eca034a4047a4d2b211a632b328774e0235576c9ecf4a849b34209b
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner Payload
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Cryptocurrency Miner
Makes network request to known mining pool URL.
-
Deletes itself
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-