General
- Target: 060dcf3db41635a2f995e0ed15ddf9ffab0e3d462b15b91cd7b4626ca2f0a178
- Size: 1.9MB
- Sample: 221129-mzfjtaca77
- MD5: c9997fc1a83d922ad052768f2b34957b
- SHA1: 8c5a6283fd2fd20ed7309728a572331c4a5c2ae8
- SHA256: 060dcf3db41635a2f995e0ed15ddf9ffab0e3d462b15b91cd7b4626ca2f0a178
- SHA512: 1f73c858c30ddc9199b61351a3827c651ae812e6cba6255a5c3362206157142361a84d2571bb4dd327f01ea70348a88a2e1e4c9d73ad80a7ffed4f97d7e7aeb6
- SSDEEP: 49152:j2d8gd1orIde6fk6TwHdPtBqYiV6fFKCzYSHhdMe2hVq2RWrsgzfr8:j2Wgd1orIdeWk6odPXqY3tDlMe2ho2RE
Static task
static1
Malware Config
Targets
- XMRig Miner payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
-