Overview

overview

10

Static

static

99cda248f1...35.exe

windows7-x64

8

99cda248f1...35.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635.bin

  • Size

    400KB

  • Sample

    220923-q9zl8aadgk

  • MD5

    1eb2120ba2845f18c510d80125a5ffc4

  • SHA1

    54fb98cd876aad5178f6708220ecbb112f838577

  • SHA256

    99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635

  • SHA512

    ca6182cf1520012997dd7405b183dfcc7a511e983df5175877ecfd8ad4baf9baedfea1547bdacce59562d6538b56cb18b9f5633e379a054f5fe47040014e8ee2

  • SSDEEP

    12288:CHJfYhK0bUticPtFZboqWIN+hKyDvp7fcMFEWB6cF8zU:CJWu+pFEsbF2U

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635.bin

    • Size

      400KB

    • MD5

      1eb2120ba2845f18c510d80125a5ffc4

    • SHA1

      54fb98cd876aad5178f6708220ecbb112f838577

    • SHA256

      99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635

    • SHA512

      ca6182cf1520012997dd7405b183dfcc7a511e983df5175877ecfd8ad4baf9baedfea1547bdacce59562d6538b56cb18b9f5633e379a054f5fe47040014e8ee2

    • SSDEEP

      12288:CHJfYhK0bUticPtFZboqWIN+hKyDvp7fcMFEWB6cF8zU:CJWu+pFEsbF2U

    Score
    10/10
    persistencexmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Modifies Installed Components in the registry

      persistence

    • Drops startup file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks