General
Target: b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd
Size: 3.9MB
Sample: 220521-m7s5wadbh9
MD5: 855c397b671d85fb2422b31924f8af9f
SHA1: a2750adf76a245c6f822dc9723e9660b833ca8d4
SHA256: b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd
SHA512: 921183d5d9584b256150990fad2d5db8e37065fd1ed03ff7f9d0fd4324ae09da7000037f00e18cd9147b17ae38d2f1f4178d970740598561364b4e61605b3d09
Static task: static1
Behavioral task: behavioral1
Sample: b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd.exe
Resource: win7-20220414-en
Malware Config
Targets
XMRig Miner Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext