General

Target: a9cd4676ee19c15148cf4590b9f32363bd61ecb3ddfc28673a797e8cf3fda5a7
Size: 2.5MB
Sample: 221110-xr8whacgf8
MD5: 3db308a4a293420df30a444944f2ccb6
SHA1: 4cae8d8a25167bc0ce3e8bfae7ccde1b82f7b0ea
SHA256: a9cd4676ee19c15148cf4590b9f32363bd61ecb3ddfc28673a797e8cf3fda5a7
SHA512: a74aea4470291b28a04d7eff1ec2e00fd5e445f6235c8e266a34f5041c63c875f874a8e66eb8c10ea0a56c7ee2130deaf2addc011959942296b015293f805c79
SSDEEP: 49152:BIX8orGKWyNi/abKDNtEgSsoi/hiO0WygnaWjIe1BSORYt3m5rj4A19oo/tGIPIP:bBsi/cKRt1SsoipihWyzcbaqYpm5wA10

Static task: static1
Malware Config

Targets

Target: a9cd4676ee19c15148cf4590b9f32363bd61ecb3ddfc28673a797e8cf3fda5a7
Size: 2.5MB
- Modifies security service
- XMRig Miner payload
- Executes dropped EXE
- Possible privilege escalation attempt
- Stops running service(s)
- Modifies file permissions
- Drops file in System32 directory
- Suspicious use of SetThreadContext