Overview

overview

9

Static

static

winprofile

windows7-x64

9

winprofile

windows10-1703-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5373234e49f32d4367cb6a4ef950c79410b5b7a3b23e15ba36030d0a7ea81df

  • Size

    850KB

  • Sample

    220916-ecwcraeeg4

  • MD5

    b5d529ba78b81037cd5be4152d7bfacd

  • SHA1

    113a6539c827c00510ab65e3eed786a6db1f42a0

  • SHA256

    f5373234e49f32d4367cb6a4ef950c79410b5b7a3b23e15ba36030d0a7ea81df

  • SHA512

    080a7aa183b6b4b0cf468b32f67af80659957c5392258104e874361ffae7eabf48cac9bb36a2c7f10d9f21d57d4f7c38a318c2ff282865eb824e3eba7372eecc

  • SSDEEP

    6144:e3ml8vZpGJ9shsF0YL81eA8vlWEzRKdTLegEfT0YJoXzM59VXO60PjhRMT5+a37x:C06ZYEibLQGbdKdPecShOiIq7dbb7pP

Score
9/10
minerupx

Malware Config

Targets

    • Target

      f5373234e49f32d4367cb6a4ef950c79410b5b7a3b23e15ba36030d0a7ea81df

    • Size

      850KB

    • MD5

      b5d529ba78b81037cd5be4152d7bfacd

    • SHA1

      113a6539c827c00510ab65e3eed786a6db1f42a0

    • SHA256

      f5373234e49f32d4367cb6a4ef950c79410b5b7a3b23e15ba36030d0a7ea81df

    • SHA512

      080a7aa183b6b4b0cf468b32f67af80659957c5392258104e874361ffae7eabf48cac9bb36a2c7f10d9f21d57d4f7c38a318c2ff282865eb824e3eba7372eecc

    • SSDEEP

      6144:e3ml8vZpGJ9shsF0YL81eA8vlWEzRKdTLegEfT0YJoXzM59VXO60PjhRMT5+a37x:C06ZYEibLQGbdKdPecShOiIq7dbb7pP

    Score
    9/10
    minerupx

    • Detectes Phoenix Miner Payload

      miner

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks