General

  • Target

    ac4daabcc33e6d296965a9e4b5af21fa43e47f49c58da62c420ebb66694b819a

  • Size

    1MB

  • Sample

    220521-awsnraahc5

  • MD5

    ce854dd32e1d931cd6a791b30dcd9458

  • SHA1

    0b247814ee8be3926e0dd64e749d7a4f174f96b7

  • SHA256

    ac4daabcc33e6d296965a9e4b5af21fa43e47f49c58da62c420ebb66694b819a

  • SHA512

    12cc6264daa1deaf81d59153f8cb9f9ed5b67dd45d6c954706c4a9052807384395ceb008b082e9bf903493dc9e52769fcf91a8295be9beae95655691a72c7e42

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner Payload

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Drops startup file

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation