General

  • Target

    Setup.bat

  • Size

    851KB

  • Sample

    230303-qz8r5shb4z

  • MD5

    836da5f306323ef77ef9d202b27db8ed

  • SHA1

    ac9b73d0e25103d01d712351b272567242731870

  • SHA256

    b9c1108acaa4c76cc5ebab05af7a7a22815934495f436d1b24ce5ea4a1f52523

  • SHA512

    e6eddb5f1eb2e18aa329b3d6acb82d8fb314bfb8b498d03f8c4973eb8e0009c12f4006afbae9d4f2a961b89136ba36e6003f4d42e8a4c2fc97327969a5dc5bd5

  • SSDEEP

    24576:V5+Xu6sU5JOLdY425uawdKz+ZApMYtviru/LndyZDxO3B:M5Jk2PwdKz+bC+udyZVO3B
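An added example, not part of the report and not Triage's own code: a Python script that computes the same four exact-match digests listed above for a local file and compares them, case-insensitively, against the values recorded for Setup.bat. SSDEEP is left out because fuzzy hashing needs a native library; the bytes used for the self-check are constructed and are not the malware sample.

```python
import hashlib

# Exact-match hashes as listed in the report for Setup.bat (851KB).
REPORT_IOCS = {
    "md5": "836da5f306323ef77ef9d202b27db8ed",
    "sha1": "ac9b73d0e25103d01d712351b272567242731870",
    "sha256": "b9c1108acaa4c76cc5ebab05af7a7a22815934495f436d1b24ce5ea4a1f52523",
    "sha512": "e6eddb5f1eb2e18aa329b3d6acb82d8fb314bfb8b498d03f8c4973eb8e0009c12f4006afbae9d4f2a961b89136ba36e6003f4d42e8a4c2fc97327969a5dc5bd5",
}


def _new_hashers():
    return {name: hashlib.new(name) for name in REPORT_IOCS}


def digest_bytes(data: bytes) -> dict:
    """Compute all four digests of an in-memory buffer in one pass."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path, chunk=1 << 20) -> dict:
    """Stream a file through all four hashers so large droppers do not need
    to be read into memory at once."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        while True:
            block = f.read(chunk)
            if not block:
                break
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = REPORT_IOCS) -> list:
    """Names of the algorithms whose digest equals the report's value.
    Hex case is normalised because threat feeds do not agree on it."""
    return [name for name, val in iocs.items()
            if digests.get(name, "").lower() == val.lower()]


def is_known_sample(digests: dict, iocs: dict = REPORT_IOCS) -> bool:
    """Require a SHA-256 or SHA-512 hit; an MD5-only match is weak evidence
    because MD5 collisions are practical."""
    hits = match_iocs(digests, iocs)
    return "sha256" in hits or "sha512" in hits


if __name__ == "__main__":
    import sys
    for arg in sys.argv[1:]:
        d = digest_file(arg)
        verdict = "KNOWN SAMPLE" if is_known_sample(d) else "no match"
        print(arg, verdict, match_iocs(d))
```

Run it as `python ioc_check.py <file>` against a quarantined copy; a SHA-1 or MD5 hit without a SHA-256/SHA-512 hit should be treated as suspicious rather than conclusive.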

Score
10/10

Targets

    • Target

      Setup.bat

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU cryptocurrency miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence which victims the payload runs on.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register state and is a common step in process hollowing and other code-injection techniques, so the call itself is flagged.
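The behaviour signatures above can be approximated from a process-monitoring trace. The following is an added example, not Triage's signature code: it runs over a constructed event list (not events from the real sandbox run) and reproduces three of the listed signatures. The registry values used for the location lookup (Control Panel\International\Geo\Nation and \Name) are an assumption; the report does not name the key it matched.

```python
from dataclasses import dataclass


@dataclass
class Event:
    pid: int
    op: str          # "RegQueryValue", "WriteFile", "CreateProcess", "LoadImage"
    path: str        # registry value path, file path or process image


# Assumed registry values holding the configured country (GEOID / name);
# the report only says "country code configured in the registry".
GEO_VALUES = (
    r"control panel\international\geo\nation",
    r"control panel\international\geo\name",
)


def checks_location(events):
    """'Checks computer location settings': registry reads of the geo values."""
    return [e for e in events
            if e.op == "RegQueryValue" and e.path.lower().endswith(GEO_VALUES)]


def dropped_file_use(events, sample_pid):
    """'Executes dropped EXE' / 'Loads dropped DLL': correlate files written by
    the sample with later process creation or image loads of those same paths.
    Events are processed in order, so a write must precede the use."""
    dropped = set()
    hits = []
    for e in events:
        p = e.path.lower()
        if e.op == "WriteFile" and e.pid == sample_pid:
            dropped.add(p)
        elif e.op == "CreateProcess" and p in dropped:
            hits.append(("Executes dropped EXE", e.path))
        elif e.op == "LoadImage" and p in dropped and p.endswith(".dll"):
            hits.append(("Loads dropped DLL", e.path))
    return hits


# Constructed trace for self-testing; pid 1000 plays the role of Setup.bat.
SAMPLE_PID = 1000
EVENTS = [
    Event(1000, "RegQueryValue", r"HKCU\Control Panel\International\Geo\Nation"),
    Event(1000, "WriteFile", r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    Event(1000, "WriteFile", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event(1000, "CreateProcess", r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    Event(1200, "LoadImage", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event(1200, "LoadImage", r"C:\Windows\System32\kernel32.dll"),
    Event(1200, "RegQueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"),
]


def report(events=EVENTS, sample_pid=SAMPLE_PID):
    """Signature names that fire on the trace, in the report's own wording."""
    fired = []
    if checks_location(events):
        fired.append("Checks computer location settings")
    fired.extend(sorted({name for name, _ in dropped_file_use(events, sample_pid)}))
    return fired


if __name__ == "__main__":
    for sig in report():
        print(sig)
```

The correlation keys on full path, so a dropper that writes a file and then launches it through a different casing or an 8.3 short name would need path normalisation before lookup.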

MITRE ATT&CK Enterprise v6
