General

  • Target: 4a5416288b34a01fbad95b77b9026621e6539027fd7ec7bb72c99c7b031c6f11
  • Size: 759KB
  • Sample: 230103-enr5gach7s
  • MD5: 2c0398a507c528d2ed7d63ad8367af41
  • SHA1: c66e805797e7fa34e43e1ada06a78cd0c73c8cd7
  • SHA256: e6134fe490f6e7c7a6943180d35dbb29291f087babb5b68f7ba5a2061ae9245a
  • SHA512: 9812f07fc213d564556f92a7af8e77155fe6c6e2c203a523310d2c531d9bfb2be365e77618db137bae01a132c02f0cf6b25c023650dd4d54fadaa7fcc003d1e2
  • SSDEEP: 12288:DLIeuhjazJLnMZvPwSJcQYuXbIPZq6zoi7UX+b9iXsFW25aapTAslfGvuYoLKshO:jYjazJrNKUuXbIP91UX+hiXsX5aEEslQ

Score: 10/10

Malware Config

Targets

    • Target: 4a5416288b34a01fbad95b77b9026621e6539027fd7ec7bb72c99c7b031c6f11
    • Size: 915KB
    • MD5: 3765402885c00738ddbeed380dea158c
    • SHA1: e267858ec805bbc06d0be0a4aca461dc0f8ed0f8
    • SHA256: 4a5416288b34a01fbad95b77b9026621e6539027fd7ec7bb72c99c7b031c6f11
    • SHA512: cfb558448e38ef50cbe9eed66ef73c2ea5ead2c0d08b1dbfd16b3801ab8fa441671ebbae3ddfbfa1ec53f1dbc2edfc37a94e04c7dc12545afd319033d59d31bb
    • SSDEEP: 24576:jtVSn52by6CyzuHVIP9/2X+NiX+F5aEEMlcc9+ZF:fSn52u6Cy4VI065a9

    Score: 10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks