b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd

Target

Size

3MB

Sample

220521-m7s5wadbh9

Score

10 ^/10

MD5

855c397b671d85fb2422b31924f8af9f

SHA1

a2750adf76a245c6f822dc9723e9660b833ca8d4

SHA256

b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd

SHA512

921183d5d9584b256150990fad2d5db8e37065fd1ed03ff7f9d0fd4324ae09da7000037f00e18cd9147b17ae38d2f1f4178d970740598561364b4e61605b3d09

Target

b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd

MD5

855c397b671d85fb2422b31924f8af9f

Filesize

3MB

Score

10^/10

SHA1

a2750adf76a245c6f822dc9723e9660b833ca8d4

SHA256

b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd

SHA512

921183d5d9584b256150990fad2d5db8e37065fd1ed03ff7f9d0fd4324ae09da7000037f00e18cd9147b17ae38d2f1f4178d970740598561364b4e61605b3d09

Signatures

xmrig
Description

XMRig is a high performance, open source, cross platform CPU/GPU miner.
Tags

miner xmrig
XMRig Miner Payload
Tags

miner
Executes dropped EXE
Checks computer location settings
Description

Looks up country code configured in the registry, likely geofence.
TTPs

Query RegistrySystem Information Discovery
Loads dropped DLL
AutoIT Executable
Description

AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Scheduled Task

Privilege Escalation

static1

5^/10

behavioral1

xmrig miner

10^/10

behavioral2

xmrig miner

10^/10

Tags

Signatures

xmrig

Description

Tags

XMRig Miner Payload

Tags

Executes dropped EXE

Checks computer location settings

Description

TTPs

Loads dropped DLL

AutoIT Executable

Description

Suspicious use of SetThreadContext

Related Tasks

static1

behavioral1

behavioral2