General
-
Target
2513d65f66c1cc8f0fa370a686c0d300014768077b69845d418b28aa68327cbc
-
Size
2.2MB
-
Sample
221003-17cpsahhdq
-
MD5
dac9e82594a59d84987c39a8fbda4117
-
SHA1
2d30c4d2967dcd3c341f1448f48290e21f6b7fa9
-
SHA256
2513d65f66c1cc8f0fa370a686c0d300014768077b69845d418b28aa68327cbc
-
SHA512
f91758fd92f59761bc4df88220b8e74bacaa0ab3f5b7f493f62b8674b7e70153a369d20665607e26e095e95656ea61fcc0226509084325c03bf48bfc9d89e0d4
-
SSDEEP
12288:SoP30jMrUjSA5zctrU52sgR8H67Z3CfSuFAVPW6KI1c8eFL0PV8HNA60JWlmUEvQ:yjMC5AJUIbl+8u0PV8HNjmUEvi
Static task
static1
Behavioral task
behavioral1
Sample
2513d65f66c1cc8f0fa370a686c0d300014768077b69845d418b28aa68327cbc.exe
Resource
win7-20220901-en
Malware Config
Targets
-
Detects Phoenix Miner Payload
-
XMRig Miner payload
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-