General

  • Target

    f6fd2a4333007f65beef7609077ec14d.exe

  • Size

    2.2MB

  • Sample

    220927-gjq3qacfe8

  • MD5

    f6fd2a4333007f65beef7609077ec14d

  • SHA1

    3740133e77fae5ee1c0ed1cb0493af5557e3562a

  • SHA256

    b2c7dfbe576c1962cd647917207e957d17dbe367c36dde071054f12beac68499

  • SHA512

    43c8b557b1bbfb353d4fe37d09c4dd94c7aaab9d9a6fda421144e40e81e2732df7dbd9faa67ca0e1779e787a8771fbcd9496dee2ae03530462910d1393e513d7

  • SSDEEP

    49152:C30HPteDTvEXI2s+HNZlZT+DM+dRQYpeV+wj:CgPteDTsIInZWM+bpeV+

Score
10/10

Malware Config

Targets

    • Target

      f6fd2a4333007f65beef7609077ec14d.exe

    • Size

      2.2MB

    • MD5

      f6fd2a4333007f65beef7609077ec14d

    • SHA1

      3740133e77fae5ee1c0ed1cb0493af5557e3562a

    • SHA256

      b2c7dfbe576c1962cd647917207e957d17dbe367c36dde071054f12beac68499

    • SHA512

      43c8b557b1bbfb353d4fe37d09c4dd94c7aaab9d9a6fda421144e40e81e2732df7dbd9faa67ca0e1779e787a8771fbcd9496dee2ae03530462910d1393e513d7

    • SSDEEP

      49152:C30HPteDTvEXI2s+HNZlZT+DM+dRQYpeV+wj:CgPteDTsIInZWM+bpeV+

    Score
    10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Tasks