Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    917KB

  • Sample

    230109-r7mejsef23

  • MD5

    4c48470f3279dff89e27489777ee2918

  • SHA1

    2a6ee90e56ecb7ee4e7652faab5bdf50ba61dbf1

  • SHA256

    332963bc8d4592d82b0af12f674e54053913795e5a92e494409ac417d6b90575

  • SHA512

    eb47c263575d1160ac02a7372e87efab4b4deb1686e7a2701bf338c855e621fedce4e6d19db125776144c4d57781344977b17937eb7ff46d53e8ee0f866b9532

  • SSDEEP

    12288:yO+mxQcvGtjDsg/hoiw79qJ0XOdlfjw+Ptbsq+e5SFVRKcJ+NZP8HD7g+0AO:yO3xQcvng/hoNq2efba788/mn

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      file.exe

    • Size

      917KB

    • MD5

      4c48470f3279dff89e27489777ee2918

    • SHA1

      2a6ee90e56ecb7ee4e7652faab5bdf50ba61dbf1

    • SHA256

      332963bc8d4592d82b0af12f674e54053913795e5a92e494409ac417d6b90575

    • SHA512

      eb47c263575d1160ac02a7372e87efab4b4deb1686e7a2701bf338c855e621fedce4e6d19db125776144c4d57781344977b17937eb7ff46d53e8ee0f866b9532

    • SSDEEP

      12288:yO+mxQcvGtjDsg/hoiw79qJ0XOdlfjw+Ptbsq+e5SFVRKcJ+NZP8HD7g+0AO:yO3xQcvng/hoNq2efba788/mn

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks