General
-
Target
browser_assistant_1.exe
-
Size
6.0MB
-
Sample
221009-hgxm6agfaj
-
MD5
6f28502f813029c56f1ad8be35a39b6f
-
SHA1
ca2be5a64814e08ef4b221136a1cf85c879fea80
-
SHA256
45f89edc806b6e9db0726a2bbbdccc04e7afcfa2d0dc26c7444520a266336610
-
SHA512
89b29ac7274851d34b8bbf09ac475266bb643f0256af7183e0fb242915a8c7cafb9f8830e69b8d2396c356471d886fb29c59f5a120a6190ec4193696751f1e23
-
SSDEEP
196608:bI75yqWd9e+q2WWmQqh+ZZRCnFGEkvMtLmZ2t7:O5y1d9vqZQCn0vimI
Behavioral task
behavioral1
Sample
browser_assistant_1.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
browser_assistant_1.exe
-
Size
6.0MB
-
MD5
6f28502f813029c56f1ad8be35a39b6f
-
SHA1
ca2be5a64814e08ef4b221136a1cf85c879fea80
-
SHA256
45f89edc806b6e9db0726a2bbbdccc04e7afcfa2d0dc26c7444520a266336610
-
SHA512
89b29ac7274851d34b8bbf09ac475266bb643f0256af7183e0fb242915a8c7cafb9f8830e69b8d2396c356471d886fb29c59f5a120a6190ec4193696751f1e23
-
SSDEEP
196608:bI75yqWd9e+q2WWmQqh+ZZRCnFGEkvMtLmZ2t7:O5y1d9vqZQCn0vimI
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-