Overview

overview

10

Static

static

10

Malware/lsmm.exe

windows10-2004-x64

1

Malware/msief.exe

windows10-2004-x64

8

Malware/msinfo.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Malware.7z

  • Size

    13.0MB

  • MD5

    20b544c69d14888f1458c7cf072d3012

  • SHA1

    71ef0c2bc310aeca623fed4c6e01648d03c0fe9a

  • SHA256

    f27d36f4d9693560528826c3063ad5aade6b75174726900f6a7ed83f9ea0d3cf

  • SHA512

    f11b645a062b68828150589ef699624ecff9e7bb6148d4f9c2c27da30781b67e1f57b79ff9bff0439ced244028463ff2f90d1ce3221decf6317b36dbd02a3410

  • SSDEEP

    393216:bzxCnkZ81f4C7ZAAz4mf94L/YUKpmtBYO:wnk+fpNbzfU/NKp01

Score
10/10
minerxmrig

Malware Config

Signatures

  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig

Files

  • Malware.7z
    .7z

    Password: infected

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/cscript.exe
    .exe windows x64

    Password: infected

    25185e007525592ba38da570c42133e5


    Headers

    Imports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/dispex.dll
    .dll regsvr32 windows x64

    Password: infected

    3f2c2175aa6dd1a7eaa4d29c81579b67


    Headers

    Imports

    Exports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/scrobj.dll
    .dll regsvr32 windows x64

    Password: infected

    cf1ba84d071b5469053ac8b005136b45


    Headers

    Imports

    Exports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/scrrun.dll
    .dll regsvr32 windows x64

    Password: infected

    47a25170346d6f14818df9b273d47436


    Headers

    Imports

    Exports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/wscript.exe
    .exe windows x64

    Password: infected

    2ec956d218b6a894a8e263f4183956b6


    Headers

    Imports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/wshcon.dll
    .dll regsvr32 windows x64

    Password: infected

    9eda1e0c080120177c98fa80aa7e3e4c


    Headers

    Imports

    Exports

    Sections

  • Malware/amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.24288_none_a6cffb14304c9cc0/wshom.ocx
    .dll regsvr32 windows x64

    Password: infected

    43fb65856d151ffb38064ee446ea6226


    Headers

    Imports

    Exports

    Sections

  • Malware/down.exe
    .exe windows x86

    Password: infected

    fef0c8e38239433af01853495e0a7734


    Headers

    Imports

    Sections

  • Malware/item.dat
    .dll windows x86

    873175402ba5ad62d57fc6907f9bf9bd


    Headers

    Imports

    Exports

    Sections

  • Malware/lsmm.exe
    .exe windows x64

    b1992219519c0b4bc5aaee20a25ee80e


    Headers

    Imports

    Sections

  • Malware/msief.exe
    .exe windows x86

    00be6e6c4f9e287672c8301b72bdabf3


    Headers

    Imports

    Sections

  • Malware/msinfo.exe
    .exe windows x86

    fe7d18036a1df68cec566355c17c8bb1


    Headers

    Imports

    Sections

  • Malware/threat.txt
  • Malware/vcredist_x64.zip
    .zip