General
Target: f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
Size: 2.2MB
Sample: 220930-y62w6sefg3
MD5: fd2c7234b828082ab12d91f9ac2f77a5
SHA1: 7f69beefafe276f7c7acf26fdeddfcd2b2d7b45d
SHA256: f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093
SHA512: e5c24e1a8f35b2f6ed9c80bfd32e554f8f681c4a0e92358ce5ae4881773658268840dec96a1c3dd9ecf4efde7ce302b8662f8a28e7c76a5134d98721f164233a
SSDEEP: 12288:SHtRQJ3xBroe2ICXt0JbpWs0pz/rJnw4Atb14XDUGL7r0vwhSGmn//uhmKGI9lg+:SM1knw4E14h7gdG
Static task: static1
Behavioral task: behavioral1
Sample: f352fe9435844d9cb53020899ebd16e76dc6347b2bbba9632a7fb96823cb2093.exe
Resource: win7-20220812-en
Malware Config
Targets
- XMRig Miner payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext