General
-
Target
0c78984cd2afe869307aca9d8dc9d257f650616b12fa45a2a79a83821f1e7b37
-
Size
833KB
-
Sample
220930-y62amsffer
-
MD5
e94daf09612a7fa6491ff9ff47cd8cae
-
SHA1
fa0abf6e1bfa33f2f180b2fad4928cbadeb7f014
-
SHA256
0c78984cd2afe869307aca9d8dc9d257f650616b12fa45a2a79a83821f1e7b37
-
SHA512
4a2279b7c1c5eed840d8056b585962dea818cd4e5454f42a0caf9b1c56ba06a892acce77dbc6b0598e46f83e6ecb376d2ea42d7b5b15877536bfa31c340dc73a
-
SSDEEP
6144:o2j7MpEXhM4uccEV0SvafIxRT3ChsYwSZpji1X+i22Usn3tezndwI/VLuwUUblRB:X5ucdV0LoSf2+VI3EhHPZR7F
Static task
static1
Behavioral task
behavioral1
Sample
0c78984cd2afe869307aca9d8dc9d257f650616b12fa45a2a79a83821f1e7b37.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
0c78984cd2afe869307aca9d8dc9d257f650616b12fa45a2a79a83821f1e7b37
-
Size
833KB
-
MD5
e94daf09612a7fa6491ff9ff47cd8cae
-
SHA1
fa0abf6e1bfa33f2f180b2fad4928cbadeb7f014
-
SHA256
0c78984cd2afe869307aca9d8dc9d257f650616b12fa45a2a79a83821f1e7b37
-
SHA512
4a2279b7c1c5eed840d8056b585962dea818cd4e5454f42a0caf9b1c56ba06a892acce77dbc6b0598e46f83e6ecb376d2ea42d7b5b15877536bfa31c340dc73a
-
SSDEEP
6144:o2j7MpEXhM4uccEV0SvafIxRT3ChsYwSZpji1X+i22Usn3tezndwI/VLuwUUblRB:X5ucdV0LoSf2+VI3EhHPZR7F
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-