b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd

General

Target: b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd
Size: 3MB
Sample: 220521-m7s5wadbh9
Score: 10/10
MD5: 855c397b671d85fb2422b31924f8af9f
SHA1: a2750adf76a245c6f822dc9723e9660b833ca8d4
SHA256: b741326d7278ad9d3be13a80bcd3ead02ddb1a45c73d0c3f903d2ae0675643dd
SHA512: 921183d5d9584b256150990fad2d5db8e37065fd1ed03ff7f9d0fd4324ae09da7000037f00e18cd9147b17ae38d2f1f4178d970740598561364b4e61605b3d09

Signatures

  • xmrig
    Description: XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

  • XMRig Miner Payload

  • Executes dropped EXE

  • Checks computer location settings
    Description: Looks up the country code configured in the registry, likely a geofence.
    TTPs: Query Registry, System Information Discovery

  • Loads dropped DLL

  • AutoIT Executable
    Description: AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1: 5/10
  • behavioral1: 10/10
  • behavioral2: 10/10