General
Target: a2f70b1d0813f9dfe3b130ff8e7ac618c0f67e118ff159a3ae2531479c702903
Size: 772KB
Sample: 230104-j89x8seh49
MD5: 7644ed028dbf38078012f606eead358a
SHA1: 31b33b0c8e7e42f8abb1f50f7baa22354310a70b
SHA256: a2f70b1d0813f9dfe3b130ff8e7ac618c0f67e118ff159a3ae2531479c702903
SHA512: b7b662a72d92f0b2cf6f89442e52d23f4c17f41ef97a83dd616a4bbccf32576501788f127491d77f7674377f701ed61229177076c3583be3f20424905aa57b52
SSDEEP: 24576:GouxPwpeK7Bj8FUwSKdd62R/pWI2iy3m2ObDX1g:Go1pe2K/pWJnCC
Static task
static1
Malware Config
Targets
-
-
Target
a2f70b1d0813f9dfe3b130ff8e7ac618c0f67e118ff159a3ae2531479c702903
-
XMRig Miner payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-