General
Target: 42a7636248e5972bf5c790eb5c13f93716821d4606644adf0b18a26826179f2a
Size: 2.3MB
Sample: 220708-b9f3jscdck
MD5: 7b4f33a283fc64db1227f5d82db91a59
SHA1: f32ae945c419e09e3320686f2b9b419c346d76a3
SHA256: 42a7636248e5972bf5c790eb5c13f93716821d4606644adf0b18a26826179f2a
SHA512: 7c59bc1028115acbda27245a8f14638892a3fbae1ac409ec62448f9ad580fd3051bdaef751b7d8f6e81df80a23098201de386082e229a768a6142a514ee85511
Behavioral task
behavioral1
Sample: 42a7636248e5972bf5c790eb5c13f93716821d4606644adf0b18a26826179f2a.exe
Resource: win7-20220414-en
Malware Config
Targets
- XMRig Miner payload
- Executes dropped EXE
- Modifies Windows Firewall
- Stops running service(s)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL