General
Target: 42bf95c2a2fa7351fd81756bc7285495ecc31f4b37b280bdbd2b6116719d0244
Size: 1.4MB
Sample: 221129-3cacaagf23
MD5: 270f65170253f84fc8ade7b559b5a4bd
SHA1: 140d87fab0b3ab7988691f1816f80b97b5061e13
SHA256: 097d059e224b536c9c59223456fdb074ae01e4d99ab32ee07c2e4647e691bd65
SHA512: 108c5ce366f82718890f43362de595e594bca0cf899e2618866b804be4a1cedc8318ff6083bb64cf7145b59e6099874f27fe00c826bbcde9d2dae4741af2d3b0
SSDEEP: 24576:Ykaka4/cQR0chUvFHpmgWYC9MjxUSUJ6NPuaiGgYgaM9njvTSVXTJBss6z5JGx:xakfocgTCCOSayP1iGgdljvc4tJa
Static task: static1
Behavioral task: behavioral1
Sample: 42bf95c2a2fa7351fd81756bc7285495ecc31f4b37b280bdbd2b6116719d0244.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 42bf95c2a2fa7351fd81756bc7285495ecc31f4b37b280bdbd2b6116719d0244
Size: 2.5MB
MD5: 7dad5ca2096cbe129c0dade6cb2c915f
SHA1: 7ef1eeab904b7b3afcc9e203be5e664388eb3198
SHA256: 42bf95c2a2fa7351fd81756bc7285495ecc31f4b37b280bdbd2b6116719d0244
SHA512: 87c9f5f16722113221c2ab2f11a9c4238b5706d8853288b3fa63b8bfa0462916dac8d62ee25d49e887202fa102edcc92540ddfb8d71ef19821d0b6c8770726c5
SSDEEP: 24576:+5phTHwpeGenqhURy3e45mDyyg2lcV+q2lcV2sQ288nLS9XTJDsCSz1H3a:+5phTQpeZnqhURyOAbCC+fCc27n2wRHK
- XMRig Miner payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext