Overview

overview

9

Static

static

winprofile

windows7-x64

9

winprofile

windows10-1703-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00b426ecc30bd92b36475650de45315bb643284efd12f9d43843868a10638358

  • Size

    902KB

  • Sample

    221223-d84hkaah4v

  • MD5

    ed8317be1bd5af62622d10bef3695bd7

  • SHA1

    7bd670f5c16997f144367fa5316a70928f782b08

  • SHA256

    00b426ecc30bd92b36475650de45315bb643284efd12f9d43843868a10638358

  • SHA512

    cb400d441f730590b83c52970b628823575482474e7fbe4ce96ba9442fbec86b1be1fe4252e983f283e225016e6084f02cbe35ba4f673bf7a92b811ad4864a54

  • SSDEEP

    6144:FN6Jq6tRTVgNA4ycmnyfnjDB7DNka3A6CCrpqEcL5GapWzL920M0j73PZYDdYfpX:FkUmuXXuyPXB7DXAiRezY24jLXfptl9

Score
9/10
minerupx

Malware Config

Targets

    • Target

      00b426ecc30bd92b36475650de45315bb643284efd12f9d43843868a10638358

    • Size

      902KB

    • MD5

      ed8317be1bd5af62622d10bef3695bd7

    • SHA1

      7bd670f5c16997f144367fa5316a70928f782b08

    • SHA256

      00b426ecc30bd92b36475650de45315bb643284efd12f9d43843868a10638358

    • SHA512

      cb400d441f730590b83c52970b628823575482474e7fbe4ce96ba9442fbec86b1be1fe4252e983f283e225016e6084f02cbe35ba4f673bf7a92b811ad4864a54

    • SSDEEP

      6144:FN6Jq6tRTVgNA4ycmnyfnjDB7DNka3A6CCrpqEcL5GapWzL920M0j73PZYDdYfpX:FkUmuXXuyPXB7DXAiRezY24jLXfptl9

    Score
    9/10
    minerupx

    • Detectes Phoenix Miner Payload

      miner

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks