General

  • Target

    77948078a5cafff73e52393f137e1ac824fe55bb387520c772589b21945452ce

  • Size

    1.3MB

  • Sample

    221128-da7sbsdg6t

  • MD5

    98ad555710ca5e2de085a590f9792e11

  • SHA1

    7a0db4c5b35e9b9d2401cb31de969442f12d8358

  • SHA256

    d0d0813e0d508cfe46af2b51cff4277802b59655fde2aed30800e2696510ddac

  • SHA512

    ea1823f32cfb0ee52a5289ba3672b74e1d48306125a8ceb15e7eb98abf22327db9607f0f6db7ce1e64f058e9929e2f91b05267c9e9cba783ba1a0d520e51d5d2

  • SSDEEP

    24576:bHLzrvPx6GnalbLMlCtwfaARGVgnMneXelnTOJXEEAeYW:zbJ+lYPaAja+eln8XEEAE

Score
10/10

Targets

    • Target

      77948078a5cafff73e52393f137e1ac824fe55bb387520c772589b21945452ce

    • Size

      2.4MB

    • MD5

      3ffcb88ae6972e653d4486660242ecd6

    • SHA1

      7c50b4855fa6d665a89947b9d5e5df0d59eb038c

    • SHA256

      77948078a5cafff73e52393f137e1ac824fe55bb387520c772589b21945452ce

    • SHA512

      dfdbb9cb30b05fdecf2ff1718195c064dff012670cf4d1742b60265f9a746c31bbb1a36c6923dd522abd20c214aad1582705f47d96d791d16ad8676626737c7b

    • SSDEEP

      24576:9PxN0TZwpeuRh3e45mDyyg2lcV+G2lcVXum+yAlnjO9BGIye57gC:9z0TCpeuRhOAbCC+rC+QAlnyBGIy4

    Score
    10/10

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
