General
-
Target
7a90312b845d684d8f0a2ae95cfc5f616d00dd25cbcb172335a36dd90c3340c0
-
Size
600KB
-
Sample
221130-dnq2qsfc9z
-
MD5
380db35deae657f4fab46d97f6d4faff
-
SHA1
228e7a8cdbb4329f0e370d2a7952257d7bba101a
-
SHA256
bd815dc2deab9e355f67b97c032c172be6444b939df066aedb8e60ee84fd6a33
-
SHA512
3a575114147da263f938eafba407eeb7b76c14cdefa2ea27d6ab3e9ce1284f56fc94336023d50a873e64cbf59fb431b3b9817f4034a90136e5399c31b0cb65d6
-
SSDEEP
12288:OCntmdCr4tMhP5aYJKHVncNbCQB6X/+hiYDq6Q:7t90tMhFJKNUE+Ej
Static task
static1
Behavioral task
behavioral1
Sample
7a90312b845d684d8f0a2ae95cfc5f616d00dd25cbcb172335a36dd90c3340c0.exe
Resource
win7-20220901-en
Malware Config
Targets
-
Target
7a90312b845d684d8f0a2ae95cfc5f616d00dd25cbcb172335a36dd90c3340c0
-
Size
648KB
-
MD5
4f17d8dcc61d0dea7dd6c4cd0162b246
-
SHA1
d3a2505f416a32ed98e71117db7188cf1a464c5d
-
SHA256
7a90312b845d684d8f0a2ae95cfc5f616d00dd25cbcb172335a36dd90c3340c0
-
SHA512
c4364d742f83dde0aec4a6120f5521bfff3df7e522eb43a3c9bcca6f3fbf3fdd000edb6aeceb2e4c84bebea46a6a3b110f538a982ce41919fb9f8da88ece98b2
-
SSDEEP
12288:cm+6CtnUrur4tohP1aYZKHbncTnCQB6X/MJiY:x+rpX0tohhZKb+YM
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext