General
-
Target
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909
-
Size
17.2MB
-
Sample
221125-lcj32sbd3s
-
MD5
9fa1aa9681eba02e7e5dee5619fe5f50
-
SHA1
63dc379b6f25d5c3be14950b7803f8ef89e6baf4
-
SHA256
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909
-
SHA512
a185dc56afbf53b5b99dd30bbfb2fbb1ce35a42cdfd776f338d29d15a2a5712f6458e2a6855e64fa07f26fe6d68fcf92cd178a50f08e60fe24f0ba41848cedc7
-
SSDEEP
196608:kVabKDvhkItVBCfQD+N2xHv2AOrpFRj/QqjZZ42pawiWix1V5dugapRz9GX0eS+B:gvhk0Ykv2AOD9QLcajWinHaXz9G0j
Static task
static1
Behavioral task
behavioral1
Sample
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909
-
Size
17.2MB
-
MD5
9fa1aa9681eba02e7e5dee5619fe5f50
-
SHA1
63dc379b6f25d5c3be14950b7803f8ef89e6baf4
-
SHA256
283c105c2c82782829e0cea2d161a09d024b914ed1a55cbbe52d2fbf54744909
-
SHA512
a185dc56afbf53b5b99dd30bbfb2fbb1ce35a42cdfd776f338d29d15a2a5712f6458e2a6855e64fa07f26fe6d68fcf92cd178a50f08e60fe24f0ba41848cedc7
-
SSDEEP
196608:kVabKDvhkItVBCfQD+N2xHv2AOrpFRj/QqjZZ42pawiWix1V5dugapRz9GX0eS+B:gvhk0Ykv2AOD9QLcajWinHaXz9G0j
Score10/10-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-