General
-
Target
Duino-Coin_3.33_windows.zip
-
Size
34.9MB
-
Sample
221124-nnnlqaba67
-
MD5
d1e294321156ef3a47c88635a7c8bc63
-
SHA1
61898ac489f149d5b10ef39b409ec0db80f69a7c
-
SHA256
9285a79f98246a8ec552e36a62b17ddcf6b4c6b22360e22b65fedb00a7e47e80
-
SHA512
62231b6d16df1949b70634b39158034c9fada6dabb32f3e0c55a87acd3a0064688ea6db26080ce374f77790e4480d699f590dd34426a461060deddedf0c777fc
-
SSDEEP
786432:/235+8XzkWNNYyQdkR/Hj/dqKiGgTc2PCkEZqe2aYPLGPKnT/loTH:/2p+8XzkWNNNPhHljgTc2abZqe2aCLap
Behavioral task
behavioral1
Sample
AVR_Miner.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral2
Sample
Arduino_Code/Arduino_Code.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
CLI_Wallet.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral4
Sample
ESP32_Code/ESP32_Code.js
Resource
win10v2004-20221111-en
Behavioral task
behavioral5
Sample
ESP8266_Code/ESP8266_Code.js
Resource
win10v2004-20221111-en
Behavioral task
behavioral6
Sample
PC_Miner.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral7
Sample
Wallet.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
AVR_Miner.exe
-
Size
9.8MB
-
MD5
46ab2c1cf9c5f0c42bcfe5016ebeaf31
-
SHA1
1c970f9cb0d3962838a9e19230bfef627bae40a5
-
SHA256
1566eccb2fdd23a6b68ec0403bcb9a8ac3ae601ab07a834ecec6df089a8f00f3
-
SHA512
b2356ba76f66b2a792294791d2c42b2c7ea181fcb4e70eb800d0da1dc8913c5bd0f372e7c773be8d297bb825411da7b3ab84ea1dd69c7fe783503c7e5d427b8a
-
SSDEEP
196608:NJxPDPIEICteEroXxzaxG6NIyzlu8pgsEqJZIX334pO/M8XDCL6L1:zxPrIEInEroXhakuIyzlu8pfEqJE33IW
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Arduino_Code/Arduino_Code.ino
-
Size
4KB
-
MD5
283de3c329235f87e31917ab96b22e5f
-
SHA1
cdfe05e5f9d2edcb90eecf7a6df30e2dc12ddb23
-
SHA256
f151cb5ad028ae99c535fa732ade84b9fa320af09eacb1c221828e47fe1df265
-
SHA512
1d758fca8779dd62484c1683ac50a5636dab9c9519d89c0a42e3b005509c36527ecd2df9a2cea70e1107210a169a73034d4a7d77db74b66bea955d7271a42ab6
-
SSDEEP
96:31u0Uo1uzSlRBO7KlzJyDcHCv06Pfa3jO:31uOHoDcuf
Score
1/10
-
-
-
Target
CLI_Wallet.exe
-
Size
9.4MB
-
MD5
ce783a16312c5c769286726501063868
-
SHA1
78aa3e04124a2ae448ef5c241afe964486669f94
-
SHA256
063703e3e2cdddfb9aa889d79c28323f945bcc5178130e0cd8b00139ae734c5d
-
SHA512
6c6d5fe3d9d543b53c41619902cfbe078974422868521992eb79e2aa9a7adfc0e0df5659f8be24ac3e3083ad862446aa2df5856caadfa674433701adbd731029
-
SSDEEP
196608:zoFpV7zj9AKm6gUU8gBk6cmvdsCncq4njQthsiHzy7kiagDZg9fqBhjIUz/oMC:433GH6YkkvaCncvnKhs575aF9WaGi
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
ESP32_Code/ESP32_Code.ino
-
Size
31KB
-
MD5
f0a120c3517cbfe115215bbc12330cdc
-
SHA1
4215d28434044a012b0b0bdcb228a02803caf273
-
SHA256
ec8b30b173e9c67fc6f82d74617009b021be753fa94db2aee713604d844c0b1a
-
SHA512
ae5fb4bcf90120622e187d4a6c0da763bc4553b2ebaca50af480e1d028f5ae4d3037385719e1a444d31377331aee1e229820ecc56eb1f48d475da86c8a9bb92d
-
SSDEEP
384:42f8ULk+LHTkuJLaS2tGsd2xwJFhxWPfNVnMdGoJ/SIk9UKvMhgObPcLz5SnCOB:ttHTFLcv2xwJFhxKfNJeGm1Bvlbj
Score
1/10
-
-
-
Target
ESP8266_Code/ESP8266_Code.ino
-
Size
25KB
-
MD5
2fd5e793f4cf9e3334b368975a84370a
-
SHA1
040d6ef9008c72b938ab5b229f5251a8ef502fe2
-
SHA256
d363fa35a51b237d11825f11e6fa89205c6cd3cfd1ede3581f298a2a4076a473
-
SHA512
16983e3a7cd7c235672f806de6ef01a4a05c0e557dbaf313bfdab63913cf53998f0a0588aadeed4982a569074d3ef9f1b75cd38c678a2f7d0930e0af9f4ab251
-
SSDEEP
384:H2ryzQptNlz4sBV8UZk6xjOGdsbOgkhCvHsAFTX7Pn7GHJS0bueakw3:gyzslzFZSpbOgkhCvHsAFTrPn7H0bO
Score
1/10
-
-
-
Target
PC_Miner.exe
-
Size
9.7MB
-
MD5
70c361b9ee66e7546564828cce1cf0bd
-
SHA1
07a84185084e8512abcbb1b595e25c05ee21f357
-
SHA256
628d7bae60b0a6019637b21cd72f0b985edd3ada285d4601fc8d6344d250c326
-
SHA512
3669b255623f7b68eae35a6239bafe9e246533721c574825727b8279841666698a6e46b65f98c10dd4e2b3be4e1eae9ff549074ea847eb3c244ee615d39fd036
-
SSDEEP
196608:fLPIEICteEroXxzaxG6NIyzlu8pgsEFMzJMdv33U5OwVBIZvH6jOz:7IEInEroXhakuIyzlu8pfEFMJGv33IHO
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Wallet.exe
-
Size
6.6MB
-
MD5
d5d3d568bc716a7a726ce88200a7cd29
-
SHA1
c5246366cba74ae43555b195c61bbe566b09534d
-
SHA256
3a9683911e0a4613a475f11f1881a2dac6723eecba89db9ceb30c2804c580f1a
-
SHA512
e945413bbb3f29ec6dda54403b1fc4741b50f6cc91fc0ba434302e0ff50117a4db9d882aca3ebf9e9258e447e5be44100bdef19df5e094e8aaa3955dd747a14a
-
SSDEEP
196608:7qgFpymvdsCncs4njQthsiHzy7k7yZRAj6KhV4/oDw:/BvaCncNnKhs57I0e6x
Score
7/10
-
Loads dropped DLL
-
Adds Run key to start application
-