Overview

overview

10

Static

static

3

browser_assistant.exe

windows7-x64

10

browser_assistant.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    browser_assistant.exe

  • Size

    5.6MB

  • Sample

    221009-g6lrhsgeej

  • MD5

    6d478e1c67cf16723de2cb550316875e

  • SHA1

    55eeb4c6d10e5dcdeb44b250b287bb7f062534e2

  • SHA256

    386c57582b7d542de1d6164de34cfea4706fc6418a14c69eb246feca2711003e

  • SHA512

    d241716c531d37231de7ba0a080281642442f515922ffb250d38b4f7eaf317301a633e226879f5053f0cb18b7265826209d4361c0a85352a77c5400388d2583c

  • SSDEEP

    98304:3q4BKpzoLLJ3TbwaVvrZE0I8LrKI8F/Vtt1mIi3pRN8D8cXu21Tb08DFscqNCSsW:3qqK9onJ5hrZEK3e9tGPqKmTb0+FscoK

Score
10/10
xmrigminerpyinstaller

Malware Config

Targets

    • Target

      browser_assistant.exe

    • Size

      5.6MB

    • MD5

      6d478e1c67cf16723de2cb550316875e

    • SHA1

      55eeb4c6d10e5dcdeb44b250b287bb7f062534e2

    • SHA256

      386c57582b7d542de1d6164de34cfea4706fc6418a14c69eb246feca2711003e

    • SHA512

      d241716c531d37231de7ba0a080281642442f515922ffb250d38b4f7eaf317301a633e226879f5053f0cb18b7265826209d4361c0a85352a77c5400388d2583c

    • SSDEEP

      98304:3q4BKpzoLLJ3TbwaVvrZE0I8LrKI8F/Vtt1mIi3pRN8D8cXu21Tb08DFscqNCSsW:3qqK9onJ5hrZEK3e9tGPqKmTb0+FscoK

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks