General

  • Target

    8aab92d14fb45e9b421540677f9528c1265a4d70c5bb2c1b11acfffeb1014e50.zip

  • Size

    1.5MB

  • Sample

    230310-m16sdsda23

  • MD5

    b49ed3b5b97d510067e04b4f14fc02ba

  • SHA1

    92638971888e574583eb0bd08ed711817380b9ed

  • SHA256

    b68a55c573f4f9dc3c4e072697e6c451a75f9a5bf49d70615e5661ba8ea1be7f

  • SHA512

    32e6fda51fd19da3bda6f57744b49e58b38e789a99df58d01a0db9ad2f08fcb48e148fa418204452b6e757e468f44d7d3bbea9ac6f0fed5dccd5a9bb0e716195

  • SSDEEP

    24576:3xpEdOAjGO41Taxq41LGZS6E5grIXXv11Hz5mh4MHi2MAeD6iNWEdANyJxsjisR0:3xpEdZC7exq44ESiXvjHzgh4MHi2MHXx

Score
10/10

Malware Config

Targets

    • Target

      8aab92d14fb45e9b421540677f9528c1265a4d70c5bb2c1b11acfffeb1014e50.exe

    • Size

      1.6MB

    • MD5

      bdaa93682f8832b826eb0441849d481b

    • SHA1

      b2732c74df7920082b1ac282d0840b5062dd6391

    • SHA256

      8aab92d14fb45e9b421540677f9528c1265a4d70c5bb2c1b11acfffeb1014e50

    • SHA512

      8cf9db715de29a3f8f2030948bd8ee7b29e8cbc80dfd9421570f0d04bf0e9412342f985ee81c63d300ff6b0cf3c8df525338335e2609844e230cfff75a5fa5fc

    • SSDEEP

      49152:DYwck/lgN8RhPq30G6G0YjD1cqkNY9hX3BH17dgkpKo1NrT:tcXn1s+9Xx6kpzNrT

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
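The two hash sets above (the outer .zip and the inner .exe) are what an analyst uses to confirm that a downloaded copy is the same object the sandbox ran. The Python script below is an added example, not part of this report or of the sandbox's own tooling: it recomputes the listed digests, walks the archive, and checks the report's naming convention, where both the archive and the member are named after the member's SHA-256. The hash constants are copied from the report; the demo archive and payload the script builds are constructed stand-ins, and the optional ZipCrypto password is an assumption about how a sample feed may package files.

```python
import hashlib
import io
import zipfile

# Digests copied from the sandbox report above: outer archive and inner executable.
REPORT_ZIP = {
    "md5": "b49ed3b5b97d510067e04b4f14fc02ba",
    "sha1": "92638971888e574583eb0bd08ed711817380b9ed",
    "sha256": "b68a55c573f4f9dc3c4e072697e6c451a75f9a5bf49d70615e5661ba8ea1be7f",
    "sha512": "32e6fda51fd19da3bda6f57744b49e58b38e789a99df58d01a0db9ad2f08fcb4"
              "8e148fa418204452b6e757e468f44d7d3bbea9ac6f0fed5dccd5a9bb0e716195",
}
REPORT_EXE = {
    "md5": "bdaa93682f8832b826eb0441849d481b",
    "sha1": "b2732c74df7920082b1ac282d0840b5062dd6391",
    "sha256": "8aab92d14fb45e9b421540677f9528c1265a4d70c5bb2c1b11acfffeb1014e50",
    "sha512": "8cf9db715de29a3f8f2030948bd8ee7b29e8cbc80dfd9421570f0d04bf0e9412"
              "342f985ee81c63d300ff6b0cf3c8df525338335e2609844e230cfff75a5fa5fc",
}

# The cryptographic hashes the report lists; SSDEEP needs a third-party module and is left out.
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_all(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in ALGORITHMS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def mismatches(data: bytes, expected: dict) -> dict:
    """Compare computed digests with reported ones; return {algo: (expected, actual)} for differences."""
    actual = digest_all(data)
    return {k: (v.lower(), actual[k]) for k, v in expected.items() if actual[k] != v.lower()}


def inspect_archive(zip_bytes: bytes, expected=None, password=None) -> list:
    """Hash every file member of an in-memory zip.

    For each member, record its digests, whether its file name stem equals its own SHA-256
    (the convention used by the report: <sha256>.exe inside <sha256>.zip), and any mismatch
    against `expected` (e.g. REPORT_EXE). `password` is only useful for ZipCrypto-protected
    archives; the stdlib cannot decrypt AES-encrypted zips.
    """
    results = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info, pwd=password)
            digests = digest_all(data)
            stem = info.filename.rsplit("/", 1)[-1].split(".", 1)[0].lower()
            results.append({
                "name": info.filename,
                "size": len(data),
                "name_matches_sha256": stem == digests["sha256"],
                "mismatches": mismatches(data, expected) if expected else {},
                **digests,
            })
    return results


def build_demo_zip(payload: bytes) -> bytes:
    """Constructed stand-in for the report's archive: one member named <sha256 of payload>.exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(digest_all(payload)["sha256"] + ".exe", payload)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed payload, deliberately not the real sample, so every report digest will mismatch.
    demo = build_demo_zip(b"MZ constructed stand-in, not the analysed binary")
    print("archive vs report:", mismatches(demo, REPORT_ZIP) or "match")
    for member in inspect_archive(demo, expected=REPORT_EXE):
        print(member["name"], member["size"], "bytes",
              "name==sha256:", member["name_matches_sha256"],
              "mismatched algos:", sorted(member["mismatches"]))
```

To check a real download, read the .zip into `zip_bytes` and call `mismatches(zip_bytes, REPORT_ZIP)` followed by `inspect_archive(zip_bytes, expected=REPORT_EXE)`; an empty mismatch dict for both, plus `name_matches_sha256` being true, means the file on disk is the object this report describes. A SHA-256 match alone is sufficient cryptographically; the extra algorithms are there because different feeds index by different hashes.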

MITRE ATT&CK Enterprise v6

Tasks