General

  • Target

    1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

  • Size

    1MB

  • Sample

    221129-r1dh3acb6x

  • MD5

    eaca6598d7a3f491bd58d70fdaf58d4e

  • SHA1

    036a2f41a43bbe728f60a32d72ba7fe1f4e5f636

  • SHA256

    1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

  • SHA512

    701d4ba682a3b6d57aff4aa4e4234f2ed5aea848296b08dedceed8d3a783bbd1616a182df0cd2fb82e2bcc519686827b8bbbd6521d1d28f5b5b2098bd5e05c55

  • SSDEEP

    49152:hZwe+yhWvrBATk7d+tVXMiV6kqXjlm9fb3j3:XL+yhWvrBAAd+TXM31XpmFz3

Score
10/10

Malware Config

Targets

    • Target

      1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

    • Size

      1MB

    • MD5

      eaca6598d7a3f491bd58d70fdaf58d4e

    • SHA1

      036a2f41a43bbe728f60a32d72ba7fe1f4e5f636

    • SHA256

      1f9d5a35d9b53595caf5bdbdec142fc3b441500e19fbd8ce7aaf152d45a99eae

    • SHA512

      701d4ba682a3b6d57aff4aa4e4234f2ed5aea848296b08dedceed8d3a783bbd1616a182df0cd2fb82e2bcc519686827b8bbbd6521d1d28f5b5b2098bd5e05c55

    • SSDEEP

      49152:hZwe+yhWvrBATk7d+tVXMiV6kqXjlm9fb3j3:XL+yhWvrBAAd+TXM31XpmFz3

    Score
    10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Persistence

                  Privilege Escalation

                    Tasks