Overview

overview

10

Static

static

5c5fb635d7...c1.exe

windows7-x64

10

5c5fb635d7...c1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c5fb635d7d355ad148a520da62c706c6521413479080219e6dfd623f06590c1

  • Size

    889KB

  • Sample

    220801-r68ldshfe6

  • MD5

    3dfa222fed3567b6189762e951d76377

  • SHA1

    614e83661da7213dca3016fbfc2803db7daeefe0

  • SHA256

    5c5fb635d7d355ad148a520da62c706c6521413479080219e6dfd623f06590c1

  • SHA512

    679b2039f93d084657494bc354e7d2d455ea53db2503597ac74048ffd4ed9cb52b0010c8784607e8b4cbc83374abc0be5f8c1f32513af26a228f97fe2b077c32

Score
10/10
xmrigminerpersistenceupx

Malware Config

Targets

    • Target

      5c5fb635d7d355ad148a520da62c706c6521413479080219e6dfd623f06590c1

    • Size

      889KB

    • MD5

      3dfa222fed3567b6189762e951d76377

    • SHA1

      614e83661da7213dca3016fbfc2803db7daeefe0

    • SHA256

      5c5fb635d7d355ad148a520da62c706c6521413479080219e6dfd623f06590c1

    • SHA512

      679b2039f93d084657494bc354e7d2d455ea53db2503597ac74048ffd4ed9cb52b0010c8784607e8b4cbc83374abc0be5f8c1f32513af26a228f97fe2b077c32

    Score
    10/10
    xmrigminerpersistenceupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks