General
Target: 3d3841460e41c5c4bb24abfbacae5d8d0cbfd2c5fe0f15466cea6c3958724a57
Size: 1.1MB
Sample: 220703-eergksgaf8
MD5: 491849a7cdb5ccc2f8470666d0efde02
SHA1: 5912fc8700db9eb7988cce74336ea567205b68e6
SHA256: 3d3841460e41c5c4bb24abfbacae5d8d0cbfd2c5fe0f15466cea6c3958724a57
SHA512: c0f68923936eb4380fcc099198821c34059455dd8555ea10bfc300324c126f276c1b3b90ef671daf4d63340a75140ecfb77c84ca9b7b6e9c37ff97087e120e9d
Behavioral task: behavioral1
Sample: 3d3841460e41c5c4bb24abfbacae5d8d0cbfd2c5fe0f15466cea6c3958724a57.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: 3d3841460e41c5c4bb24abfbacae5d8d0cbfd2c5fe0f15466cea6c3958724a57
- XMRig Miner Payload
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory