General

  • Target

    file.exe

  • Size

    918KB

  • Sample

    230101-cbj7zsba86

  • MD5

    d033855d030cd6a19690deb337a50c8c

  • SHA1

    624fe54e67c475f7e0725b0a3a9a67dce2f9b336

  • SHA256

    d2b55acbf3aa2b30df7033794577c5cf5ebd57a4372e4f64c32bfb5b5445ca6d

  • SHA512

    79f43020b5180111767665cd32dddaa70acbe613973c92f213c832bbbf64d2f1b6d8ff81f3fd688bc1ddba4e0cf7c0885971894514165c9031bed0d71dbbdab8

  • SSDEEP

    12288:8tVSX3x7FRSJWeOkDPHIBZ2hFcHeVIf6+8LUFT/nzogiKBKchmYBfGmj96sb4/2:8tVSn52rFcMH+8LUFbcgiKQOf9rk/
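Before hunting or detonating on the hashes above, confirm the file on disk is actually the sample this report describes. The following helper is an added example and not part of the sandbox report or its tooling; it streams a file through MD5, SHA1, SHA256 and SHA512 in one pass, compares the digests against the values listed above, and splits the SSDEEP signature into its block size and two chunk strings. The path it hashes is supplied on the command line (an assumption; no sample is embedded).

```python
import hashlib
import sys

# Digests exactly as listed in the report's General section.
REPORTED = {
    "md5": "d033855d030cd6a19690deb337a50c8c",
    "sha1": "624fe54e67c475f7e0725b0a3a9a67dce2f9b336",
    "sha256": "d2b55acbf3aa2b30df7033794577c5cf5ebd57a4372e4f64c32bfb5b5445ca6d",
    "sha512": "79f43020b5180111767665cd32dddaa70acbe613973c92f213c832bbbf64d2f1"
              "b6d8ff81f3fd688bc1ddba4e0cf7c0885971894514165c9031bed0d71dbbdab8",
}
REPORTED_SSDEEP = ("12288:8tVSX3x7FRSJWeOkDPHIBZ2hFcHeVIf6+8LUFT/nzogiKBKchmYBfGmj96sb4/2"
                   ":8tVSn52rFcMH+8LUFbcgiKQOf9rk/")


def compute_hashes(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory buffer for the four report algorithms."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashes at once; samples can be large."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def mismatches(actual: dict, expected: dict = REPORTED) -> list:
    """Algorithms whose digest differs from the report (comparison is case-insensitive)."""
    return sorted(name for name, digest in expected.items()
                  if actual.get(name, "").lower() != digest.lower())


def parse_ssdeep(sig: str) -> tuple:
    """Split an ssdeep signature 'blocksize:chunk:double_chunk' into (int, str, str)."""
    block, chunk, double = sig.split(":", 2)
    return int(block), chunk, double


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample> [...]
    for arg in sys.argv[1:]:
        bad = mismatches(hash_file(arg))
        print(f"{arg}: {'MATCH' if not bad else 'MISMATCH on ' + ', '.join(bad)}")
    print("ssdeep block size:", parse_ssdeep(REPORTED_SSDEEP)[0])
```

A single mismatching digest is enough to reject the file; all four disagreeing usually means a different sample entirely, while one disagreeing points at a transcription error in the report or a truncated download. The ssdeep block size is what makes two signatures comparable: fuzzy-hash similarity is only meaningful between signatures whose block sizes are equal or differ by a factor of two.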

Score
10/10

Malware Config

Targets

    • Target

      file.exe

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU Monero miner; bundled into an unrelated executable it indicates cryptojacking.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution to or away from particular regions.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

      Rewriting another thread's context (typically after starting a process suspended and writing into its memory) is the entry-point redirection step of process hollowing and related injection techniques.

MITRE ATT&CK Enterprise v6

Tasks