General

  • Target

    file.exe

  • Size

    1.9MB

  • Sample

    230206-1fbneabb91

  • MD5

    45085c318bfa7583aa52768592b08b80

  • SHA1

    3a1bf58f44d58054e04bd33774fb02a8a6827371

  • SHA256

    a600ce7f58bc3296788ca8a8b30735c7bf051e4e9a3d46584fe83bb7cfc5d81a

  • SHA512

    d1c1ad296a9f46f32c1e4950aeaa0eda47a02098670600ab2345f943ef8e275741baf9b9f75e4efbc2d31bed92ef454bca25c8423e06701ff00c7060b66681bd

  • SSDEEP

    24576:yxY/n90/8CB6Ya4cPP4bPS1h4rQm/wt0QSnfepXQUgy5vmelCS/69+cW:yxsn946YaT3mPGh4twyrfe9QpelCQy

Score
10/10

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks