General
-
Target
2276decf1e3a971157aedf6455c79109c30e9871b17e4cbf5d4305353cc014ef
-
Size
2.1MB
-
Sample
221125-lg25esbf6w
-
MD5
457115eb0e95e1377f8beaa00b545871
-
SHA1
9cb01f9d44134355f9f55cf68ef02740e2aee8f0
-
SHA256
2276decf1e3a971157aedf6455c79109c30e9871b17e4cbf5d4305353cc014ef
-
SHA512
55328834359be46e42b34afa96c89fc26a52928768bd6ecff0a49f5d823d97e3e3d3b3f53e6de9a18549856517d8ccfc1e9cc363e6360a91fa0ea7aa9a36ce5a
-
SSDEEP
49152:Uzb5vW78fienXiALMq/09Jbqj0s/YYP6mN:IxhieXt09jaIm
Static task
static1
Behavioral task
behavioral1
Sample
2276decf1e3a971157aedf6455c79109c30e9871b17e4cbf5d4305353cc014ef.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2276decf1e3a971157aedf6455c79109c30e9871b17e4cbf5d4305353cc014ef.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
2276decf1e3a971157aedf6455c79109c30e9871b17e4cbf5d4305353cc014ef
Score
10/10
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-