General

  • Target

    file.exe

  • Size

    910KB

  • Sample

    221231-xdgvvsdd9w

  • MD5

    63f318e597b2019871c219fc5288456a

  • SHA1

    c6b60b0ed41fa8eeba828f7ad3dd1dbdbed211ee

  • SHA256

    915879fd0f2470e867fed5f032112044a0278e17372ee142f4c7d2a06bf06ba8

  • SHA512

    54579e636b439f82bf7aa37f2814829001ac1e82d9c49f36291137ab3268f71b6349efa5d4bcd936d9545568b5c2cc9ba576c65dfb67eeac1460a8f95cbc1862

  • SSDEEP

    24576:DtVSn52uoR2u3/HlsFowALxah+XOPpz4:/Sn52uoM8/HLNXXOBE

Score
10/10

Malware Config

Targets

    • Target

      file.exe

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks