General
-
Target
679bcda18e578956c30848b98c91571f93d51d00f38f1d4d4e025bac03683c23
-
Size
1.6MB
-
Sample
221130-axbrmafg6w
-
MD5
d36695737b155dbc6f5e323dad5918ef
-
SHA1
9daca899ab910b0b703eea93072105e8d9ddcc4d
-
SHA256
679bcda18e578956c30848b98c91571f93d51d00f38f1d4d4e025bac03683c23
-
SHA512
0c3aca624ac61c7aedb94d58f19c3af36fa7c301bf6fa45e9ded32bbd119cdff45800b97a55cd7cfa5ea50c5052679755ee227ec845f799eee2a62a8ce23f2cb
-
SSDEEP
24576:pJoGc0fLQhEl6973d82wivuK/py5Z6nXYzf+S3KCwwb9BxcBeix7JepNY:pJoGc0fkE897N82Tuapy5Z6tib9BmB3
Static task
static1
Malware Config
Targets
-
Target
679bcda18e578956c30848b98c91571f93d51d00f38f1d4d4e025bac03683c23
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-