General
Target: 38e021f09be50f6cafd2153700accc1618ecc17973a1654f34dabd8a9a140866
Size: 780KB
Sample: 230110-w12ywagh66
MD5: bf56439cda1cad2763177703dd231ee0
SHA1: 5f0884014b611c42cace4fce0c62dbfa37fe87ad
SHA256: 38e021f09be50f6cafd2153700accc1618ecc17973a1654f34dabd8a9a140866
SHA512: 12c8cd695bada3e7ff243667abde1cce904c031e212ac808f5288b2050005ecac0954eabf238cea3c71ec4619ca5745a8e5f570e264c64b81032b2c46f5724bd
SSDEEP: 24576:D6/Jwn1jUAP7ObI7jtwU3xsw7TyHT/Z3:D4Jwn/iUPfw
Static task: static1
Malware Config
Targets
- XMRig Miner payload
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence (the miner only runs, or refuses to run, in selected countries).
- Uses the VBS compiler for execution: vbc.exe, a signed Microsoft .NET build tool, is launched as a child process, which gives the payload a trusted-looking host image.
- Suspicious use of SetThreadContext: rewriting another thread's context is a common step when a payload is injected into a freshly created, suspended process; combined with the vbc.exe launch above it is the pattern to look for when reconstructing how the miner ends up in memory.
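The three behaviour flags above can be reproduced from a process/registry/API event trace. The script below is an added example, not the sandbox's own signature code: it assumes a JSON-lines event format (fields type, pid, parent_pid, image, path, api, target_pid), uses the Windows GeoID registry value as the location-settings indicator, and runs over a small constructed trace that mimics the reported chain (sample reads the country code, spawns vbc.exe, calls SetThreadContext on it) beside benign noise.

```python
"""Re-derive the report's behaviour flags from a constructed event trace.

Added example; the event schema and the sample trace are assumptions, not
data from the report. The registry path is the real Windows GeoID location,
and vbc.exe + SetThreadContext is the hollowing pattern the two signatures
"Uses the VBS compiler for execution" and "Suspicious use of
SetThreadContext" describe.
"""
import json
from collections import defaultdict

# Windows stores the user's configured country (GeoID) here; reading it is
# what the "Checks computer location settings" signature keys on.
GEO_NATION_KEY = r"HKCU\Control Panel\International\Geo\Nation"

# Constructed trace: one malicious chain (pid 1204) plus benign activity.
SAMPLE_EVENTS = r"""
{"type": "process_start", "pid": 1204, "parent_pid": 800,  "image": "C:\\Users\\Public\\sample.exe"}
{"type": "registry_read",  "pid": 1204, "path": "HKCU\\Control Panel\\International\\Geo\\Nation"}
{"type": "process_start", "pid": 2288, "parent_pid": 1204, "image": "C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe"}
{"type": "api_call",      "pid": 1204, "api": "SetThreadContext", "target_pid": 2288}
{"type": "api_call",      "pid": 1204, "api": "ResumeThread",     "target_pid": 2288}
{"type": "process_start", "pid": 3010, "parent_pid": 600,  "image": "C:\\Windows\\System32\\svchost.exe"}
{"type": "registry_read",  "pid": 3010, "path": "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"}
{"type": "process_start", "pid": 4100, "parent_pid": 3900, "image": "C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe"}
"""


def parse_events(text):
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def flag_geofence_lookup(events):
    """PIDs that read the configured country code from the registry."""
    return sorted({e["pid"] for e in events
                   if e["type"] == "registry_read"
                   and e["path"].lower() == GEO_NATION_KEY.lower()})


def flag_vbc_hollowing(events):
    """(parent, child) pairs where a process spawns vbc.exe and then calls
    SetThreadContext on that child.

    A lone vbc.exe launch is normal on a build host, so the rule requires the
    thread-context write from the same parent before it fires.
    """
    vbc_parent = {}  # child pid -> parent pid, for vbc.exe children only
    for e in events:
        if e["type"] == "process_start" and e["image"].lower().endswith("\\vbc.exe"):
            vbc_parent[e["pid"]] = e["parent_pid"]

    hits = set()
    for e in events:
        if e["type"] != "api_call" or e["api"] != "SetThreadContext":
            continue
        target = e.get("target_pid")
        if target in vbc_parent and vbc_parent[target] == e["pid"]:
            hits.add((e["pid"], target))
    return sorted(hits)


def classify(text):
    """Return the report-style flags found in a JSON-lines trace."""
    events = parse_events(text)
    return {
        "checks_computer_location": flag_geofence_lookup(events),
        "vbc_hollowing": flag_vbc_hollowing(events),
    }


if __name__ == "__main__":
    for name, hits in classify(SAMPLE_EVENTS).items():
        print(f"{name}: {hits}")
```

In the constructed trace only pid 1204 trips both rules; the second vbc.exe launch (pid 4100) has no SetThreadContext against it and is left alone, which is the distinction you want when the same logic runs on developer machines.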