General
Target: 6ae42a8fd4ff87ee3eb1a967cb65802247ace9dd5c724018e77e2d2862549a64
Size: 4.3MB
Sample: 220817-ele25adcb8
MD5: df2e6a3e2de83755886ed20d2e853aa5
SHA1: 04e829bad544f581a178c263e2b4a91069533091
SHA256: 6ae42a8fd4ff87ee3eb1a967cb65802247ace9dd5c724018e77e2d2862549a64
SHA512: 4d6319dcb90b8a99708b87a9ed3c2187c8c1f206611917267f4b2098a9e4ccbbaea99f9549b206fca5dc44608757fc32b8a18049e3cfa80dc4198e35c4ad1078
SSDEEP: 98304:DeJchMdICWnnoDLAbUsJxDiM+VO28P08syKTWQMU:qimI3ofwLJEZO28836QN

Static task: static1
Behavioral task: behavioral1
Sample: 6ae42a8fd4ff87ee3eb1a967cb65802247ace9dd5c724018e77e2d2862549a64.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 6ae42a8fd4ff87ee3eb1a967cb65802247ace9dd5c724018e77e2d2862549a64
- Modifies security service
- XMRig Miner payload
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
- Stops running service(s)
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
- Drops file in System32 directory
- Suspicious use of SetThreadContext