General

  • Target

    file.exe

  • Size

    3.1MB

  • Sample

    221225-1mlrysfc7t

  • MD5

    b592a4707d49520f208088d8041047fd

  • SHA1

    4fdf742d15229daaffd72bc8e9158f2013200d9f

  • SHA256

    35d31939970bcd27e0d99b1d912532393d73b2cdcfdb4d8623e1e7458a6a388c

  • SHA512

    61c9e9456cce3b2b8c2c88959dd416042f4059796d84bedb753e3662c9e4ba9f0e1dd5347f0ea47ae0a53b36d725506d94d09836005a9a5a9ce13f1ae6aa4125

  • SSDEEP

    49152:EMJ8xqm3zNKxjipke496PDS6TROZTAC0QdB3WLSgwIaGZJRWrKnnYt:EMGKxjSZ4sUUC1dFroJR0KnnY

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks